Cisco Cisco Packet Data Gateway (PDG) Documentation Roadmaps
New In This 8.0 Release
▀ PDIF/FA Features
▄ Cisco ASR 5000 Series Product Overview
OL-22937-01
It supports MIBs as they are developed and bulkstats. It must be configured in its own context.
IPMS is described in detail in its own documentation suite, including online help files.
Multiple Authentication
Multiple Authentication is used when setting up a Proxy-Mobile-IP call with PDIF. In Stage One the device is
authenticated with an HSS server.
authenticated with an HSS server.
In Stage Two, the subscriber is authenticated with a AAA server over a RADIUS interface.
In Stage One, the authentication method must be EAP-AKA. In Stage Two, the authentication must be either MD5 or
GTC. If neither MD5 nor GTC is supported, the PDIF can convert these authentication messages and use standard
PAP/CHAP authentication instead.
GTC. If neither MD5 nor GTC is supported, the PDIF can convert these authentication messages and use standard
PAP/CHAP authentication instead.
This is fully described in the ―PDIF Overview‖ chapter in the PDIF Administration Guide.
Online Upgrade
PDIF is now using an online upgrade model called Active-Standby. This requires a license to activate.
Two chassis are connected by a redundancy link and Service Redundancy Protocol (SRP) is used over the link to
monitor and control chassis state. Both active and standby chassis have SRP-Activated resources defined. Loopback
interfaces are used in the example in the Admin Guide.
monitor and control chassis state. Both active and standby chassis have SRP-Activated resources defined. Loopback
interfaces are used in the example in the Admin Guide.
―SRP-Activated‖ means that the resource is configured with
to make the protocol work between the
two chassis. These resources are the same between the Active and Standby PDIF. Loop-back IP addresses in Ingress and
Egress contexts and IP pools in egress contexts are usually SRP-Activated resources. Only the active chassis enables the
SRP-Activated resources.
Egress contexts and IP pools in egress contexts are usually SRP-Activated resources. Only the active chassis enables the
SRP-Activated resources.
Online upgrade is discussed in the PDIF Administration Guide.
SRP and other required commands are documented in the Command Line Interface Reference.
Public and Private Key Mismatch Check
PDIF supports x.509 certificates. Every certificate has a public key of its own and configuration on a PDIF is done with
the public key and a private key. A mechanism has now been added to verify the AUTH payload from PDIF using
PDIF‘s public key.
the public key and a private key. A mechanism has now been added to verify the AUTH payload from PDIF using
PDIF‘s public key.
If there is a mis-match in the keys, you now see the following warning: