Cisco Cisco Packet Data Gateway (PDG) Documentation Roadmaps
PDG/TTG Overview
Features and Functionality ▀
Cisco ASR 5000 Series Product Overview ▄
OL-22938-01
preventing a fully-connected user session from being dropped. For information about the required software license for
this feature, contact your sales representative.
this feature, contact your sales representative.
IPSec session recovery is performed by mirroring key software processes (the IPSec manager, session manager, and
AAA manager, for example) on the PDG/TTG. These mirrored processes remain in an idle state (in standby mode),
where they perform no processing until they may be needed in the case of a software failure (a session manager task
aborts, for example). The system spawns new instances of standby mode sessions and AAA managers for each active
control processor being used.
AAA manager, for example) on the PDG/TTG. These mirrored processes remain in an idle state (in standby mode),
where they perform no processing until they may be needed in the case of a software failure (a session manager task
aborts, for example). The system spawns new instances of standby mode sessions and AAA managers for each active
control processor being used.
Additionally, other key system-level software tasks such as VPN manager are performed on a physically separate Packet
Services Card (PSC/PSC2) to ensure that a double software fault (the session manager and the VPN manager fail at
same time on same card, for example) cannot occur. The PSC/PSC2 used to host the VPN manager process is in active
mode and is reserved by the operating system for this sole use when session recovery is enabled. At a minimum, four
PSCs/PSC2s (3 active and 1 standby) are required on the chassis to support the IPSec session recovery feature.
Services Card (PSC/PSC2) to ensure that a double software fault (the session manager and the VPN manager fail at
same time on same card, for example) cannot occur. The PSC/PSC2 used to host the VPN manager process is in active
mode and is reserved by the operating system for this sole use when session recovery is enabled. At a minimum, four
PSCs/PSC2s (3 active and 1 standby) are required on the chassis to support the IPSec session recovery feature.
Important:
For more information about session recovery support, refer to Session Recovery in the System
Enhanced Feature Configuration Guide.
Congestion Control
Congestion control allows you to set policies and thresholds and specify how the system reacts when faced with a heavy
load condition.
load condition.
Congestion control monitors the system for conditions that could potentially degrade performance when the system is
under heavy load. Typically, these conditions are temporary (for example, high CPU or memory utilization) and are
quickly resolved. However, continuous or large numbers of these conditions within a specific time interval may have an
impact the system‘s ability to service subscriber sessions. Congestion control helps identify such conditions and invokes
policies for addressing the situation.
under heavy load. Typically, these conditions are temporary (for example, high CPU or memory utilization) and are
quickly resolved. However, continuous or large numbers of these conditions within a specific time interval may have an
impact the system‘s ability to service subscriber sessions. Congestion control helps identify such conditions and invokes
policies for addressing the situation.
Congestion control operation is based on configuring the following:
Congestion Condition Thresholds: Thresholds dictate the conditions for which congestion control is enabled
and establishes limits for defining the state of the system (congested or clear). These thresholds function in a
way similar to operation thresholds that are configured for the system as described in the Thresholding
Configuration Guide. The primary difference is that when congestion thresholds are reached, a service
congestion policy and an SNMP trap, starCongestion, are generated.
way similar to operation thresholds that are configured for the system as described in the Thresholding
Configuration Guide. The primary difference is that when congestion thresholds are reached, a service
congestion policy and an SNMP trap, starCongestion, are generated.
A threshold tolerance dictates the percentage under the configured threshold that must be reached in order for the
condition to be cleared. An SNMP trap, starCongestionClear, is then triggered.
condition to be cleared. An SNMP trap, starCongestionClear, is then triggered.
Port Utilization Thresholds: If you set a port utilization threshold, when the average utilization of all ports in
the system reaches the specified threshold, congestion control is enabled.
Port-specific Thresholds: If you set port-specific thresholds, when any individual port-specific threshold is
reached, congestion control is enabled system-wide.
Service Congestion Policies: Congestion policies are configurable for each service. These policies dictate how
services respond when the system detects that a congestion condition threshold has been crossed.
Important:
For more information on congestion control, refer to the System Enhanced Feature Configuration
Guide.