Cisco Cisco Packet Data Gateway (PDG)
Evolved Packet Data Gateway Overview
Features and Functionality ▀
ePDG Administration Guide, StarOS Release 17 ▄
43
PGW addresses received by DNS resolution, but all are unreachable
DNS server is not reachable, or rejects the DNS query
None of the PGW selection mechanisms(Static/Dynamic) are present, i.e. neither DNS resolution is configured,
nor AAA sends any PGW address
In all of the above scenarios, if local PGW address is configured and ePDG-Service is associated with Subscriber-Map,
then PGW address is selected based on weight. In this algorithm the sessions are created approximately in the same ratio
of the weights configured with the PGW addresses. For example if the weights are 10, 20 and 30, then 1000 sessions
will be distributed in ration 1:2:3 respectively. (same algorithm used as DNS resolution based PGW selection
mechanism.)
then PGW address is selected based on weight. In this algorithm the sessions are created approximately in the same ratio
of the weights configured with the PGW addresses. For example if the weights are 10, 20 and 30, then 1000 sessions
will be distributed in ration 1:2:3 respectively. (same algorithm used as DNS resolution based PGW selection
mechanism.)
Only first PGW is selected based on weight based selection algorithm and if the call does not gets established with this
selected PGW, rest of the addresses are selected on Round Robin method starting from next available PGW configured
rounding upto PGW address configured just before the PGW address selected based on weight. This way none of the
addresses are repeated. For example if ten PGW address are configured, based on weight 7th one is selected as first
address, and if it is unreachable then address at 8th index is selected, then 9th, 10th, 1st, 2nd and so on until address
present at 6th index.
selected PGW, rest of the addresses are selected on Round Robin method starting from next available PGW configured
rounding upto PGW address configured just before the PGW address selected based on weight. This way none of the
addresses are repeated. For example if ten PGW address are configured, based on weight 7th one is selected as first
address, and if it is unreachable then address at 8th index is selected, then 9th, 10th, 1st, 2nd and so on until address
present at 6th index.
In a case where PGW resolution is enabled and the existing DNS/AAA server PGW resolution mechanism failed and
there is no disconnect reason already set from previous mechanism, further the local PGW resolution failed due to
configuration error then new disconnect reason shall be set “ePDG-local-pgw-resolution-failed” for identifying the case.
there is no disconnect reason already set from previous mechanism, further the local PGW resolution failed due to
configuration error then new disconnect reason shall be set “ePDG-local-pgw-resolution-failed” for identifying the case.
Also in the case of HO, even if the local PGW resolution is enabled and there is no or unreachable PGW address
provided by AAA server, or PGW FQDN provided results in no or unreachable PGW address, then ePDG will not use
local PGW resolution mechanism for establishing the call.
provided by AAA server, or PGW FQDN provided results in no or unreachable PGW address, then ePDG will not use
local PGW resolution mechanism for establishing the call.
Local configuration as preferred PGW selection mechanism
The ePDG is further enhanced to support local configuration based PGW selection as the preferred method for PGW
node selection.
node selection.
The ePDG service should be configured indicating preferred method of PGW selection, whether local configuration or
DNS/AAA server based PGW selection. Local Configuration based PGW selection as fallback mechanism is default
configuration behavior.
DNS/AAA server based PGW selection. Local Configuration based PGW selection as fallback mechanism is default
configuration behavior.
This preferred PGW selection mechanism feature provides more control and flexibility to customer for routing/load
balancing the sessions on desired PGW.
balancing the sessions on desired PGW.
The feature shall be applicable only for initial attach and for Hand-Off calls ePDG shall use the PGW address provided
by AAA server even if the feature is enabled as the PGW selected by local configuration may be different from one
have the session on LTE.
by AAA server even if the feature is enabled as the PGW selected by local configuration may be different from one
have the session on LTE.
Non UICC device support using certificate based authentication
ePDG is enhanced to support the non UICC devices connectivity to EPC via ePDG using certificate based UE
authentication following authorization by AAA server.
authentication following authorization by AAA server.
ePDG already supports UICC devices connectivity using EAP-AKA based device authentication. However as non
UICC devices cannot do EAP-AKA based authentication, alternate method of using certificates is used.
UICC devices cannot do EAP-AKA based authentication, alternate method of using certificates is used.
ePDG supports the X.509 certificate based authentication and also communicates with OCSP (Online Certificate Status
Protocol) server for completing the authentication. Once the authentication is done ePDG communicates with AAA
server for ensuring the authorization of the device.
Protocol) server for completing the authentication. Once the authentication is done ePDG communicates with AAA
server for ensuring the authorization of the device.
As non UICC devices do not have IMSI, customized vIMSI in format similar to UICC IMSI uniquely identifying the
non UICC device needs to be shared by the device. The device IMSI is shared as part of peer (device) certificate to
ePDG. ePDG extracts serial number, issuing authority and OCSP responder address details from the certificate and
non UICC device needs to be shared by the device. The device IMSI is shared as part of peer (device) certificate to
ePDG. ePDG extracts serial number, issuing authority and OCSP responder address details from the certificate and