Cisco Cisco Packet Data Interworking Function (PDIF) Guía Para Resolver Problemas
Troubleshooting
▀ Troubleshooting the PDIF
▄ Cisco ASR 5000 Series Packet Data Interworking Function Administration Guide
OL-22963-01
HA Failure
If the HA fails, there is a health monitoring mechanism in the PDIF to generate an SNMP notification. At this time, all
traffic to and from the MS is black-holed. DPD/liveness checks from the MS are still in order, so the connection remains
in a hung state until the Proxy-MIP lifetime timer expires. When the PDIF attempts to re-register with the HA, the re-
registration attempt fails, and the PDIF tears down the IPSec session. In this case, the MS attempts to establish a new
IPSec session with the PDIF. If the HA has recovered, the IPSec session and Proxy-MIP session are re-established.
traffic to and from the MS is black-holed. DPD/liveness checks from the MS are still in order, so the connection remains
in a hung state until the Proxy-MIP lifetime timer expires. When the PDIF attempts to re-register with the HA, the re-
registration attempt fails, and the PDIF tears down the IPSec session. In this case, the MS attempts to establish a new
IPSec session with the PDIF. If the HA has recovered, the IPSec session and Proxy-MIP session are re-established.
General Error Cases for Mobile-IP Networks
The following are possible scenarios for mobile IP installations.
Table 8. Mobile IP Error Scenarios
Error Description
Comments
1
For Mobile-IP session,
CREATE_CHILD_SA should not include
CP payload for
INTERNAL_IP4_ADDRESS
CREATE_CHILD_SA should not include
CP payload for
INTERNAL_IP4_ADDRESS
If it is included, the session attempts are rejected and the complete IKEv2
session is disconnected.
session is disconnected.
2
For mobile IP session,
CREATE_CHILD_SA request should have
Tsi = HoA
CREATE_CHILD_SA request should have
Tsi = HoA
If Tsi is not the same as HoA, PDIF falls back to simple IP when session setup
timer expires (if this is allowed by configuration).
timer expires (if this is allowed by configuration).
3
Diameter Error codes received from HSS
PDIF allows configurable for each error code whether to continue with the
session setup or disconnect the session. Error logs are created.
session setup or disconnect the session. Error logs are created.
4
MS does not initiate CREATE_CHILD_SA
after PDIF/FA sends successful RRP
after PDIF/FA sends successful RRP
The session setup timer in PDIF/FA expires and session falls back to simple IP
(if this is allowed by configuration).
(if this is allowed by configuration).
5
If MS does not send RRQ when
first/implicit TIA based SA created.
first/implicit TIA based SA created.
The session setup timer expires and session is disconnected clearing both
IKEv2 SA and implicit TIA-based IPSec SA.
IKEv2 SA and implicit TIA-based IPSec SA.
6
CREATE_CHILD_SA request fails after
successful MIP registration.
successful MIP registration.
Session falls back to simple IP when session setup timer expires (if this is
allowed by configuration).
allowed by configuration).
7
TIA pool is full and hence no address to
assign during the initial IKEv2 negotiations
assign during the initial IKEv2 negotiations
PDIF tears down the whole session attempt.
8
MS does not specify
INTERNAL_IP4_ADDR attribute during
IKEv2 negotiations.
INTERNAL_IP4_ADDR attribute during
IKEv2 negotiations.
PDIF tears down the whole session attempt since there is no way of assigning
IP address to mobile
IP address to mobile
9
MS does specify a valid IP address
INTERNAL_IP4_ADDR attribute during
IKEv2 negotiations.
INTERNAL_IP4_ADDR attribute during
IKEv2 negotiations.
If MS gives an IP address, and if it is available in the static pool configured in
the PDIF, then PDIF allows session to be established using the specified IP
address.If MS gives the IP address of 0.0.0.0 then PDIF assigns an IP address
from the pool.If MS gives an IP address that is not available in any of the static
pools defined on the PDIF, then the PDIF disconnects the session.
the PDIF, then PDIF allows session to be established using the specified IP
address.If MS gives the IP address of 0.0.0.0 then PDIF assigns an IP address
from the pool.If MS gives an IP address that is not available in any of the static
pools defined on the PDIF, then the PDIF disconnects the session.