Cisco Cisco Packet Data Gateway (PDG)
NAT Changes in Release 16
NAT Enhancements for 16.0 ▀
Release Change Reference, StarOS Release 16 ▄
303
CSCuh25763 - NAT Realm per FW/NAT policy
Applicable Products: GGSN, HA, PDSN, P-GW
Feature Changes
Support for NAT Realm per FW/NAT Policy
In this release, the number of NAT realms that can be configured in Firewall-and-NAT policy is 20 and a maximum of 3
NAT realms per call/subscriber can be configured.
NAT realms per call/subscriber can be configured.
When NAT realms configured per Firewall-and-NAT policy exceeds more than 20, an error message will be displayed.
In case of on-demand NAT, once 3 NAT IPs are allocated to subscribers and traffic sent to the fourth NAT realm, then
packets will be dropped.
In case of on-demand NAT, once 3 NAT IPs are allocated to subscribers and traffic sent to the fourth NAT realm, then
packets will be dropped.
Previous Behavior: In previous releases, the maximum number of NAT realms per Firewall-and-NAT policy was
limited to 3. The same Firewall-and-NAT policy was used for most NAT users and source-IP based rules were used to
select NAT realm for subscribers. Although only three NAT realms were used per subscriber, the same Firewall-and-
NAT policy will not allow more than three NAT realms to be configured. This caused issues like duplicating of
Firewall-and-NAT policy/rulebase and sending rulebase from AAA.
limited to 3. The same Firewall-and-NAT policy was used for most NAT users and source-IP based rules were used to
select NAT realm for subscribers. Although only three NAT realms were used per subscriber, the same Firewall-and-
NAT policy will not allow more than three NAT realms to be configured. This caused issues like duplicating of
Firewall-and-NAT policy/rulebase and sending rulebase from AAA.
New Behavior: The maximum number of NAT realms per Firewall-and-NAT policy and per subscriber need to be
independent of each other. This feature allows 20 NAT realms to be configured in Firewall-and-NAT policy and limits
NAT-IP per subscriber to 3 in data path.
independent of each other. This feature allows 20 NAT realms to be configured in Firewall-and-NAT policy and limits
NAT-IP per subscriber to 3 in data path.
CSCuh97978 - [ICSR-Volte] Removing the usage of pacing queue for critical
MCs
Applicable Products: GGSN, HA, PDSN, P-GW
Feature Changes
ICSR Enhancements for VoLTE
A significant number of internal enhancements have been made in support of voice-grade redundancy for Voice over
LTE (VoLTE) deployments. ICSR components have been optimized to ensure that failure recovery is accomplished
within acceptable limits for VoLTE.
LTE (VoLTE) deployments. ICSR components have been optimized to ensure that failure recovery is accomplished
within acceptable limits for VoLTE.
For more details, see the System Enhancements for March 14, 2014 chapter in this Release Notes.
CSCul83326, CSCzm98044 - CLI to filter the subscribers based on on-demand
NAT IP usage time
Applicable Products: GGSN, HA, PDSN, P-GW
Feature Changes
Support for On-Demand NAT Realms