Page 1
ASR 5500 System Administration Guide, StarOS Release 19 First Published: September 30, 2015 Last Modified: June 30, 2016 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883...
Page 2
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks . Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company.
Context Selection for Context-level Administrative User Sessions Context Selection for Subscriber Sessions Understanding the ASR 5500 Boot Process Understanding Configuration Files IP Address Notation IPv4 Dotted-Decimal Notation IPv6 Colon-Separated-Hexadecimal Notation CIDR Notation Alphanumeric Strings ASR 5500 System Administration Guide, StarOS Release 19...
Page 4
Verifying the NTP Configuration Enabling CLI Timestamping Configuring CLI Confirmation Prompts Enabling Automatic Confirmation Requiring Confirmation for autoconfirm and configure Commands Requiring Confirmation for Specific Exec Mode Commands Configuring System Administrative Users ASR 5500 System Administration Guide, StarOS Release 19...
Page 5
Configuring MIO/UMIO Port Redundancy Auto-Recovery Verifying Port Redundancy Auto-Recovery Configuring Data Processing Card Availability Verifying Card Configurations Enabling Automatic Reset of FSC Fabric Configuring ASR 5500 Link Aggregation LAG and Master Port ASR 5500 System Administration Guide, StarOS Release 19...
Page 6
Configuring SNMP and Alarm Server Parameters Verifying SNMP Parameters Controlling SNMP Trap Generation Verifying and Saving Your Configuration C H A P T E R 5 Verifying the Configuration Feature Configuration Service Configuration Context Configuration System Configuration ASR 5500 System Administration Guide, StarOS Release 19...
Page 7
Notification of Changes in Privilege Levels User Access to Operating System Shell Test-Commands Enabling cli test-commands Mode Enabling Password for Access to CLI-test commands Exec Mode cli test-commands Configuration Mode cli test-commands ASR 5500 System Administration Guide, StarOS Release 19...
Page 8
Verify Free Space on the /flash Device Download the Software Image from the Support Site Transfer StarOS Image to /flash on the Chassis Saving a Copy of the Current Configuration File ASR 5500 System Administration Guide, StarOS Release 19 viii...
Page 9
Configuring Local-User Account Management Properties Local-User Account Lockouts Local-User Account Suspensions Changing Local-User Passwords Monitoring the System C H A P T E R 9 SNMP Notifications Monitoring System Status and Performance Clearing Statistics and Counters ASR 5500 System Administration Guide, StarOS Release 19...
Page 10
Specifying Facilities Configuring Trace Logging Configuring Monitor Logs Enabling Monitor Logs Disabling Monitor Logs Viewing Logging Configuration and Statistics Viewing Event Logs Using the CLI Configuring and Viewing Crash Logs Crash Logging Architecture ASR 5500 System Administration Guide, StarOS Release 19...
Page 11
FSC Redundancy LED States FSC Drive n Activity LED States Checking the LEDs on the SSC SSC Run/Fail LED States SSC Active LED States SSC Redundancy LED States SSC System Status LED States ASR 5500 System Administration Guide, StarOS Release 19...
Page 12
C H A P T E R 1 3 Prerequisites Console Access Boot Image Accessing the boot CLI Initiate a Reboot Interrupt the Boot Sequence Enter CLI Mode boot Command Syntax Booting from a Selected Image ASR 5500 System Administration Guide, StarOS Release 19...
Page 13
Verifying the ACL Configuration to Service-specified Default Subscriber Applying a Single ACL to Multiple Subscribers Applying an ACL to Multiple Subscriber via APNs Applying an ACL to Multiple Subscriber via APNs Verifying the ACL Configuration to APNs ASR 5500 System Administration Guide, StarOS Release 19 xiii...
Page 14
Enabling OSPF Over a Specific Interface Redistributing Routes Into OSPF (Optional) Confirming OSPF Configuration Parameters OSPFv3 Routing OSPFv3 Overview Basic OSPFv3 Configuration Enabling OSPFv3 Routing For a Specific Context Enabling OSPFv6 Over a Specific Interface ASR 5500 System Administration Guide, StarOS Release 19...
Page 15
Configuring BFD for Single Hop Configuring Multihop BFD Scaling of BFD Associating BGP Neighbors with the Context Associating OSPF Neighbors with the Context Associating BFD Neighbor Groups with the BFD Protocol Enabling BFD on OSPF Interfaces ASR 5500 System Administration Guide, StarOS Release 19...
Page 16
Configuring Subscriber VLAN Associations RADIUS Attributes Used Configuring Local Subscriber Profiles Verify the Subscriber Profile Configuration VLAN-Related CLI Commands BGP MPLS VPNs C H A P T E R 1 8 Introduction ASR 5500 System Administration Guide, StarOS Release 19...
Page 17
Viewing Recovered Session Information Recovery Control Task Statistics show rct stats Command Sample Output for show rct stats verbose Interchassis Session Recovery C H A P T E R 2 1 Overview ASR 5500 System Administration Guide, StarOS Release 19 xvii...
Page 18
Modifying the Source Context for ICSR Configuring BGP Router and Gateway Address Configuring the SRP Context for BGP Verifying BGP Configuration Modifying the Destination Context for ICSR Configuring BGP Router and Gateway Address in Destination Context ASR 5500 System Administration Guide, StarOS Release 19 xviii...
Page 19
Fallback Procedure Support Data Collector C H A P T E R 2 2 Overview Configuring SDR Collection Displaying the SDR Collection Configuration Collecting and Storing the SDR Information Managing Record Collection ASR 5500 System Administration Guide, StarOS Release 19...
Page 20
System Initiation Subsystem High Availability Subsystem Resource Manager Subsystem Virtual Private Networking Subsystem Network Processing Unit Subsystem Session Subsystem Platform Processes Management Processes ICSR Checkpointing A P P E N D I X C ASR 5500 System Administration Guide, StarOS Release 19...
Page 23
SESS_UCHKPT_CMD_CGW_DELETE_PDN SESS_UCHKPT_CMD_CGW_UPDATE_BEARER_QOS SESS_UCHKPT_CMD_CGW_UPDATE_PDN SESS_UCHKPT_CMD_CGW_UPDATE_STATS SESS_UCHKPT_CMD_CGW_UPDATE_UE_PARAM SESS_UCHKPT_CMD_SAMOG_ACCT_INTERIM_INFO SESS_UCHKPT_CMD_SAMOG_ACCT_START_INFO SESS_UCHKPT_CMD_SAMOG_EOGRE_TUNNEL_INFO SESS_UCHKPT_CMD_SAMOG_GTPV1_UPDATE_PDN_INFO SESS_UCHKPT_CMD_SAMOG_HANDOFF_AUTHEN_INFO SESS_UCHKPT_CMD_SAMOG_HANDOFF_INIT_INFO SESS_UCHKPT_CMD_SAMOG_LI_PROV_INFO SESS_UCHKPT_CMD_SAMOG_MIPV6_TIMER_INFO SESS_UCHKPT_CMD_SAMOG_MULTI_ROUND_AUTHEN_INFO SESS_UCHKPT_CMD_SAMOG_REAUTHEN_INFO SESS_UCHKPT_CMD_SAMOG_REAUTHOR_INFO ASR 5500 SDR CLI Command Strings A P P E N D I X D ASR 5500 System Administration Guide, StarOS Release 19 xxiii...
Page 24
Contents ASR 5500 System Administration Guide, StarOS Release 19 xxiv...
This preface describes the System Administration Guide, how it is organized and its document conventions. The System Administration Guide describes how to generally configure and maintain StarOS running on an ASR 5500 platform. It also includes information on monitoring system performance and troubleshooting. •...
• Thresholding Configuration Guide • Product-specific and feature-specific Administration guides MIOs and DPCs The ASR 5500 supports a variety of Management Input/Output and Data Processing Card types. The currently supported Management Input/Output card types include: ASR 5500 System Administration Guide, StarOS Release 19...
Use the information in this section to contact customer support. Refer to the support area of http://www.cisco.com for up-to-date product documentation or to submit a service request. A valid username and password are required to access this site. Please contact your Cisco sales or service representative for additional information.
Page 28
About this Guide Contacting Customer Support ASR 5500 System Administration Guide, StarOS Release 19 xxviii...
(CORBA and SNMPv1, v2). Wireless operators can readily integrate the ASR 5500 into their overall network, service, and business management systems. All management is performed out-of-band for security and to maintain system performance.
The StarOS CLI provides complete Fault, Configuration, Accounting, Performance, and Security (FCAPS) capabilities as described in the remaining chapters of this guide. By default StarOS supports local Console access to the CLI via the RS-232 Console port for initial system Important configuration. ASR 5500 System Administration Guide, StarOS Release 19...
17 IP addresses (one primary and up to 16 secondaries). For complete information on line cards and port assignments, refer to the ASR 5500 Installation Guide. UMIO cards and UDPC/UDPC2s are direct replacements for MIO cards and DPC/DPC2s. However, a...
When local subscriber profiles are first created, attributes for that subscriber are set to the system's default settings. The same default settings are applied to all subscriber profiles, including the subscriber ASR 5500 System Administration Guide, StarOS Release 19...
If you have configured the user profile on an AAA server, the system must determine how to contact the AAA server to perform authentication. It does this by determining the AAA context for the session. ASR 5500 System Administration Guide, StarOS Release 19...
Page 35
The following table and flowchart describe the process that the system uses to select an AAA context for a context-level administrative user. Items in the table correspond to the circled numbers in the flowchart. Figure 2: Context-level Administrative User AAA Context ASR 5500 System Administration Guide, StarOS Release 19...
Part of the configuration process requires that you allocate hardware resources for processing and redundancy. Therefore, before you configure the system, it is important to understand the boot process which determines how the hardware components are brought on line. ASR 5500 System Administration Guide, StarOS Release 19...
Page 37
On to that slot. All empty slots are powered off. If no MIOs are installed or if both fail to boot successfully, no other card installed in the system will boot. ASR 5500 System Administration Guide, StarOS Release 19...
To create a context called source using a configuration file, you would use a text editor to create a new file that consists of the following: config context source There are several important things to consider when using configuration files: ASR 5500 System Administration Guide, StarOS Release 19...
01111111, 00000000, 00000000, and 00000001, forming the full 32-bit address. IPv4 allows 32 bits for an Internet Protocol address and can, therefore, support 2 (4,294,967,296) addresses. ASR 5500 System Administration Guide, StarOS Release 19...
The number of addresses of a subnet defined by the mask or prefix can be calculated as 2 , in 32-29 which the address size for IPv4 is 32 and for IPv6 is 128. For example, in IPv4, a mask of /29 gives 2 = 8 addresses. ASR 5500 System Administration Guide, StarOS Release 19...
• | (vertical bar) [see exception below] The following characters may appear in strings entered in ruledefs, APNs, license keys and other configuration/display parameters: • < > (arrow brackets) [less than or greater than] ASR 5500 System Administration Guide, StarOS Release 19...
Quoted Strings If descriptive text requires the use of spaces between words, the string must be entered within double quotation marks (" "). For example: interface "Rack 3 Chassis 1 port 5/2" ASR 5500 System Administration Guide, StarOS Release 19...
This segment provides instructions for connecting to the console port and creating the initial local context management configuration. • ASR 5500 Configuration, page 15 • Using the ASR 5500 Quick Setup Wizard, page 15 • Using the CLI for Initial Configuration, page 21 • Configuring the System for Remote Access, page 23 •...
Page 44
• Configuring the system for remote CLI access The following figure and table provides a flow diagram that shows the run logic of the wizard with supplemental notes. Figure 4: ASR 5500 Quick Setup Wizard Logic Diagram ASR 5500 System Administration Guide, StarOS Release 19...
Page 45
Enter yes to set a new chassis key. Refer to the instructions in System Settings. Additional information can be found in the System Security chapter. ASR 5500 System Administration Guide, StarOS Release 19...
Page 46
Telnet uses TCP port number 23 by default, if enabled. enable telnet protocol. Note: For maximum system security, do not File Transfer Protocol (FTP) uses TCP port number enable FTP. 21 by default, if enabled. ASR 5500 System Administration Guide, StarOS Release 19...
Variables are displayed in italics (variable). Apply the configuration file to the system. Once applied, the parameter configuration is automatically saved to the system.cfg file stored in MIO/UMIO flash memory. ASR 5500 System Administration Guide, StarOS Release 19...
Page 48
Figure 5: MIO Interfaces Console port [Port 3] USB port 10 GbE ports, DC-1 [Ports 10 – 19] 10 GbE ports, DC-2 [Ports 20 – 29] 1 GbE ports (1000Base-T) [Ports 1 and 2] ASR 5500 System Administration Guide, StarOS Release 19...
The local context is the system's management context. Contexts allow you to logically group services or interfaces. A single context can consist of multiple services and can be bound to multiple interfaces. ASR 5500 System Administration Guide, StarOS Release 19...
Bind the port to the interface that you created in step 7b. Binding associates the port and all of its settings to the interface. Enter the following command: host_name bind interface interface_name local [local] (config-port-<slot#/port#>)# host_name no shutdown [local] (config-port-<slot#/port#>)# ASR 5500 System Administration Guide, StarOS Release 19...
Context Configuration mode ssh generate CLI command. A keyword that was supported in a previous release may be concealed in subsequent releases. StarOS continues to parse concealed keywords in existing scripts and ASR 5500 System Administration Guide, StarOS Release 19...
Page 52
[local] The CLI output should be similar to the sample output: "*" indicates the Best or Used route. Destination Nexthop Protocol Prec Cost Interface ipaddress *0.0.0.0/0 static mio1 network 0.0.0.0 connected mio1 ASR 5500 System Administration Guide, StarOS Release 19...
"private" key that only the owner is allowed to see. You create a key pair, securely store the private key on the device you want to log in from, and store the public key on the ASR 5x00 that you wish to log into. ASR 5500 System Administration Guide, StarOS Release 19...
• data is the encrypted key expressed as an alphanumeric string of 1 through 1023 characters • length octets is the length of the encrypted key in octets expressed as an integer from 0 through 65535 ASR 5500 System Administration Guide, StarOS Release 19...
• User tries to login with local context username through local context (VPN) interface with authorized-key configured on local context. • User tries to login with non-local context username through non-local context interface with authorized-key configured on non-local context. ASR 5500 System Administration Guide, StarOS Release 19...
The CLI output should look similar to this example: config context local interface_name interface ipaddress subnetmask ip address ipaddress subnetmask ip address secondary #exit Step 7 Save your configuration as described in Verifying and Saving Your Configuration. ASR 5500 System Administration Guide, StarOS Release 19...
Page 58
Getting Started Configuring the Management Interface with a Second IP Address ASR 5500 System Administration Guide, StarOS Release 19...
Configuring a Second Management Interface Refer to Getting Started for instructions on configuring a system management interface on the Management Input/Output (MIO/UMIO) card. This section provides described how to configure a second management interface. ASR 5500 System Administration Guide, StarOS Release 19...
Verifying and Saving Your Clock and Time Zone Configuration Enter the following command to verify that you configured the time and time zone correctly: show clock The output displays the date, time, and time zone that you configured. ASR 5500 System Administration Guide, StarOS Release 19...
Use of prefer usually results in a poorer choice than NTP can determine for itself. Do not change the maxpoll, minpoll, or version keyword settings unless instructed to do so by Cisco Important TAC.
The output displays information about all NTP servers. See the output below for an example deploying two NTP servers. +----Peer Selection: ( ) - Rejected / No Response (x) - False Tick (.) - Excess (-) - Outlyer (+) - Candidate (#) - Selected ASR 5500 System Administration Guide, StarOS Release 19...
Page 64
NTP server. offset Number of milliseconds by which the system clock must be adjusted to synchronize it with the NTP server. jitter Jitter in milliseconds between the system and the NTP server. ASR 5500 System Administration Guide, StarOS Release 19...
Autoconfirm is intended as an "ease-of-use" feature. It presumes that the answer to "Are you sure? [Y/N]" prompts will be "Yes", and skips the prompt. Its use implies that the user is an expert who does not need these "safety-net" prompts. ASR 5500 System Administration Guide, StarOS Release 19...
• exec-command exec_mode_category specifies one of the following categories of Exec mode configuration commands. ◦ card ◦ clear ◦ copy ◦ debug ◦ delete ◦ filesystem ◦ hd ◦ reload ◦ rename ASR 5500 System Administration Guide, StarOS Release 19...
An Inspector cannot execute show configuration commands and does not have the privilege to enter the Config Mode. Configuration instructions are categorized according to the type of administrative user: context-level or local-user. ASR 5500 System Administration Guide, StarOS Release 19...
Refer to the Command Line Interface Reference for more information about the config-administrator command. • The nopassword option allows you to create a config-administrator without an associated password. Enable this option when using ssh public keys (authorized key command in SSH Configuration mode) ASR 5500 System Administration Guide, StarOS Release 19...
Save the configuration as described in the Verifying and Saving Your Configuration chapter. Verifying Context-level Administrative User Configuration Verify that the configuration was successful by entering the following command: show configuration context local ASR 5500 System Administration Guide, StarOS Release 19...
In this example, a local-user named SAUser was configured. Username: SAUser Auth Level: secadmin Last Login: Never Login Failures: Password Expired: Locked: Suspended: Lockout on Pw Aging: Lockout on Login Fail: Yes ASR 5500 System Administration Guide, StarOS Release 19...
Associating an SFTP root Directory with a Local User The local-user username command allows an administrator to associate an SFTP root directory with a specified username. configure local-user username user_name authorization-level level ftp sftp-server sftp_name password password exit ASR 5500 System Administration Guide, StarOS Release 19...
Once configured and enabled on the system, TACACS+ authentication is attempted first. By default, if TACACS+ authentication fails, the system then attempts to authenticate the user using non-TACACS+ AAA services, such as RADIUS. ASR 5500 System Administration Guide, StarOS Release 19...
StarOS User Account Requirements TACACS+ users who are allowed administrative access to the system must have the following user account information defined in StarOS: • username • password • administrative role and privileges ASR 5500 System Administration Guide, StarOS Release 19...
Save the configuration as described in the Verifying and Saving Your Configuration chapter. For complete information on all TACACS+ Configuration Mode commands and options, refer to the Important TACACS Configuration Mode Commands chapter in the Command Line Reference. ASR 5500 System Administration Guide, StarOS Release 19...
: user login complete current privilege level : 15 remote client application : ssh remote client ip address : 111.11.11.11 last server reply status : -1 total TACACS+ sessions ASR 5500 System Administration Guide, StarOS Release 19...
The key_string is an alphanumeric string of 1 through 16 characters. The chassis key is stored as a one-way encrypted value, much like a password. For this reason, the chassis key value is never displayed in plain-text form. ASR 5500 System Administration Guide, StarOS Release 19...
To run the Quick Setup Wizard, execute the Exec mode setup command. host_name setup [local] 1. Do you wish to continue with the Quick Setup Wizard[yes/no]: 2. Enable basic configuration[yes/no]: 3. Change chassis key value[yes/no]: key_string 4. New chassis key value: ASR 5500 System Administration Guide, StarOS Release 19...
The ports on MIOs keep their original MAC addresses, and the system automatically copies the failed MIO/UMIO's configuration parameters to its redundant counterpart. Port redundancy can be configured to be revertive or non-revertive. With revertive redundancy service is returned to the original port when service is restored. ASR 5500 System Administration Guide, StarOS Release 19...
Page 79
6/1 the active port. The switching device, using some port redundancy scheme, recognizes the failure and enables ASR 5500 System Administration Guide, StarOS Release 19...
• If you do specify a preference, redundancy is revertive to the specified card. If you do not specify a preference, redundancy is non-revertive. • Repeat for each additional port that you want to make preferred. Save the configuration as described in the Verifying and Saving Your Configuration chapter. ASR 5500 System Administration Guide, StarOS Release 19...
This section describes how to activate DPC/UDPCs or DPC2/UDPC2s and specify their redundancy. Important Refer to the ASR 5500 Installation Guide for information about system hardware configurations and redundancy. Enter the following command to check the operational status of all DPC types:...
A large file is guaranteed to be sent over one of the links, which removes the need to address out-of-order packets. ASR 5500 System Administration Guide, StarOS Release 19...
LAG to switch to the other MIO/UMIO when a specified threshold is crossed. This works in a way similar to the auto-switch feature for port redundancy. LACP runs between the ASR 5500 and the Ethernet switch, exchanging relevant pieces on information, such as health status.
You can define which card is preferred per LAG group as a preferred slot. When a preferred MIO/UMIO slot is specified, it is selected for the initial timeout period to make the selection of a switch less random. ASR 5500 System Administration Guide, StarOS Release 19...
Each system that participates in link aggregation has a unique system ID that consists of a two-byte priority (where the lowest number [0] has the highest priority) and a six-byte MAC address derived from the first ASR 5500 System Administration Guide, StarOS Release 19...
Use the min-link keyword option in the Global Configuration mode link-aggregation command to enable this feature. configure port ethernet slot/port link-aggreagation master ( global | group } number min-link number_links ASR 5500 System Administration Guide, StarOS Release 19...
Figure 10: Non-Redundant LAG Configuration with Single LAG Group In the above configuration, there is a single, primary LAG. All ports work as a single bundle of ports that distribute the traffic. ASR 5500 System Administration Guide, StarOS Release 19...
LAG. However, if the aggregating ports are loaded with more than 50% of their capacity and an MIO/UMIO failure/switchover occurs, the ASR 5500 configured port capacity is oversubscribed and an indeterminate amount of sessions are dropped and traffic lost.
Caution Enabling the Demux on MIO/UMIO feature changes resource allocations within the system. This directly impacts an upgrade or downgrade between StarOS versions in ICSR configurations. Contact Cisco TAC for procedural assistance prior to upgrading or downgrading your ICSR deployment.
• You should not enable demux functionality on MIO/UMIO for configurations that require a large number of tunnels. • After the ASR 5500 has booted with demux functions running on an MIO/UMIO, you cannot configure non-supported services. A maximum of eight Demux Managers are supported. Any attempt to add more than eight Demux Managers will be blocked.
IIOP Transport Parameters, on page 64 Step 3 View your new ORBEM configuration by following the steps in Verifying ORBEM Parameters, on page 65 Step 4 Save the configuration as described in Verifying and Saving Your Configuration. ASR 5500 System Administration Guide, StarOS Release 19...
• If you are using the Secure Sockets Layer (SSL) option, do not enable the IIOP transport parameter. • You configure the ORBEM interface to use SSL by specifying a certificate and private key. ASR 5500 System Administration Guide, StarOS Release 19...
: 87950 usecs SNMP MIB Browser This section provides instructions to access the latest Cisco Starent MIB files using a MIB Browser. An updated MIB file accompanies every StarOS release. For assistance to set up an account and access files, please contact your Cisco sales or service representative for additional information.
Page 94
Use the following procedure to view the SNMP MIBs for a specific StarOS build : Step 1 Contact Cisco sales or a service representative, to obtain access to the MIB files for a specific StarOS release. Step 2 Download the compressed companion file to a folder on your desktop. The file name follows the convention: companion_xx.x.x.tgz...
Page 95
Important For information on SNMP MIBs changes for a specific release, refer to the SNMP MIB Changes in Release xx chapter of the appropriate version of the to the Release Change Reference. ASR 5500 System Administration Guide, StarOS Release 19...
• The system contact is the name of the person to contact when traps are generated that indicate an error condition. • An snmp community string is a password that allows access to system management information bases (MIBs). ASR 5500 System Administration Guide, StarOS Release 19...
• The snmp user name is for SNMP v3 and is optional. There are numerous keyword options associated with this command. • Use the snmp mib command to enable other industry standard and Cisco MIBs. By default only the STARENT-MIB is enabled.
If at a later time you wish to re-enable a trap that was previously suppressed, use the snmp trap enable command. Step 2 Save the configuration as described in Verifying and Saving Your Configuration. ASR 5500 System Administration Guide, StarOS Release 19...
This command displays errors it finds within the configuration. For example, if you have created a service named "service1", but entered it as "srv1" in another part of the configuration, the system displays this error. ASR 5500 System Administration Guide, StarOS Release 19...
Line Interface Reference. Do not use the "/" (forward slash), ":" (colon) or "@" (at sign) characters when entering a string for the Important following URL fields: directory, filename, username, password, host or port#. ASR 5500 System Administration Guide, StarOS Release 19...
Page 102
To save a configuration file called system.cfg to a directory that was previously created called cfgfiles to the flash memory on the active MIO/UMIO, enter the following command: save configuration /flash/cfgfiles/system.cfg save configuration sftp://administrator:secure@192.168.34.156/host_name_configs/ simple_ip.cfg ASR 5500 System Administration Guide, StarOS Release 19...
In many cases, other commands and/or keyword options are available. Refer to the Command Line Interface Reference for complete information regarding all commands. To create a context, apply the following example configuration: configure context name Repeat to configure additional contexts. ASR 5500 System Administration Guide, StarOS Release 19...
To ensure that system line card and port-level redundancy mechanisms function properly, the Spanning Tree protocol must be disabled on devices connected directly to any system port. Failure to turn off the Spanning Tree protocol may result in failures in the redundancy mechanisms or service outage. ASR 5500 System Administration Guide, StarOS Release 19...
• Binding associates the port and all of its settings to the named interface. Configuring a Static Route for an Interface Use the following example to configure a static route for an interface: configure context name ASR 5500 System Administration Guide, StarOS Release 19...
5/11 description MIO5/11_RP1 no shutdown bind interface rp1 source #end Step 3 Verify that your static route(s) was configured properly by entering the following command: context_name host_name show ip static-route ASR 5500 System Administration Guide, StarOS Release 19...
Page 107
IP address of 192.168.250.1. Destination Nexthop Protocol Prec Cost Interface 0.0.0.0/0 192.168.250.1 Static MIO1 0.0.0.0/0 192.168.250.1 Static rp1 source Step 4 Save the configuration as described in the Verifying and Saving Your Configuration chapter. ASR 5500 System Administration Guide, StarOS Release 19...
Page 108
System Interfaces and Ports Viewing and Verifying Port Configuration ASR 5500 System Administration Guide, StarOS Release 19...
C H A P T E R System Security This chapter describes the security features supported on the ASR 5500 platform. This chapter explores the following topics: • Per-Chassis Key Identifier, page 81 • Encrypted SNMP Community Strings, page 84 •...
StarOS will not be able to decrypt the password/secrets stored in the configuration file. MIO Synchronization On boot up both MIO/UMIOs automatically read the chassis key configured on the ASR 5500 midplane. Protection of Passwords Users with privilege levels of Inspector and Operator cannot display decrypted passwords in the configuration file via the command line interface (CLI).
ICSR chassis share the same chassis key. If the ISCR detects that the two chassis have incompatible chassis keys, an error message is logged but the ICSR system will continue to run. Without the matching chassis key, ASR 5500 System Administration Guide, StarOS Release 19...
A maximum of five LI server addresses are supported via an authenticating agent. Important The ability to restrict destination addresses for LI content and event delivery using RADIUS attributes is Important supported only for PDSN and HA gateways. ASR 5500 System Administration Guide, StarOS Release 19...
Adding, Modifying and Removing Users It is considered uncommon for a user to be added or removed from the ASR 5500. Likewise, it is considered uncommon for a user's privileges to modified. However, if the system is compromised, it is common for attackers to add or remove a privileged user, raise their privileges or lower the privileges of others.
CLI test-commands are intended for diagnostic use only. Access to these commands is not required during normal system operation. These commands are intended for use by Cisco TAC personnel only. Some of these commands can slow system performance, drop subscribers, and/or render the system inoperable.
Warning: Test commands enables internal testing and debugging commands USE OF THIS MODE MAY CAUSE SIGNIFICANT SERVICE INTERRUPTION An SNMP trap (starTestModeEntered) is generated whenever a user enters CLI test-commands mode. Important ASR 5500 System Administration Guide, StarOS Release 19...
Page 116
System Security Configuration Mode cli test-commands ASR 5500 System Administration Guide, StarOS Release 19...
• Operating System Software Image File: This binary file type is identified by its .bin extension. The file is the operating system that is loaded by the system upon startup or reloading. This is an executable, read-only file that cannot be modified by end users. ASR 5500 System Administration Guide, StarOS Release 19...
Exec Mode. Unless otherwise specified, you must have security administrator or administrator privileges to execute these commands. File System Management Commands Use the commands in this section to manage and organize the local file system. ASR 5500 System Administration Guide, StarOS Release 19...
Use the rename command only within the same local device. You cannot rename a file and place it onto Important another local device at the same time. To move a renamed file, you must use the copy command. ASR 5500 System Administration Guide, StarOS Release 19...
The format command performs a low-level format of a local device. This operation formats the device to use the FAT16 formatting method, which is required for proper read/write functionality with the operating system. ASR 5500 System Administration Guide, StarOS Release 19...
The contents, usage information, and file system directory structure of any local device can be viewed by entering the following command at the Exec mode prompt: directory { /flash | /usb1 | /hd-raid } ASR 5500 System Administration Guide, StarOS Release 19...
If an invalid file is found, the system displays a failure message similar to these: image_version Failure: Image /flash/ .bin CRC check failed! image_version Failure: /flash/ .bin, has a bad magic number ASR 5500 System Administration Guide, StarOS Release 19...
The examples below shows the command output for a local booting configuration. Notice that in these examples both the image file (operating system software) and configuration file (CLI commands) are located on the /flash device. ASR 5500 System Administration Guide, StarOS Release 19...
Page 124
To identify the boot image priority that was loaded at the initial boot time enter: show boot initial-config The example below displays the output: host_name show boot initial-config [local] Initial (boot time) configuration: image_version image tftp://192.168.1.161/tftpboot/ .bin \ config_name config /flash/ .cfg priority 1 ASR 5500 System Administration Guide, StarOS Release 19...
Network Booting Configuration Requirements Configuring the Boot Interface Boot interface parameters define the MIO/UMIO management LAN interface that the system will use to communicate with the management network when using the network booting method. ASR 5500 System Administration Guide, StarOS Release 19...
The following command configures the boot network to communicate using DHCP, with a static-fallback IP address for MIO/UMIO in slot 5 of 192.168.206.101 and a Class C netmask. host_name boot networkconfig dhcp-static-fallback ip address mio5 192.168.206.101 netmask [local] (config)# 255.255.255.0 ASR 5500 System Administration Guide, StarOS Release 19...
Save the configuration as described in the Verifying and Saving Your Configuration chapter. Upgrading the Operating System Software The following information is required prior to performing a software upgrade: • Current operating system version • New operating system version • Upgrade method ASR 5500 System Administration Guide, StarOS Release 19...
[local] Download the Software Image from the Support Site Access to the Cisco support site and download facility is username and password controlled. You must have an active customer account to access the site and download the StarOS image. Download the software image to a network location or physical device (USB stick) from which it can be uploaded to the /flash device.
If you attempt to load a v15 configuration file on the downgraded chassis, StarOS will not be able to decrypt the password/secrets stored in the configuration file. ASR 5500 System Administration Guide, StarOS Release 19...
2048 alphanumeric characters. Note that banner_text must begin with and end in quotation marks (" "). For more information in entering ASR 5500 System Administration Guide, StarOS Release 19...
Synchronize the local file systems on the management cards by entering the following command: host_name filesystem synchronize all [local] Save the Running Configuration Save the currently running, upgraded configuration prior to rebooting the chassis. ASR 5500 System Administration Guide, StarOS Release 19...
Patching is the process used to install a plugin as an incremental update to a StarOS release. One plugin can be provided to multiple, compatible, concurrent product releases. A plugin is distributed in the form of a compressed distribution kit via the internet or by other means (USB stick, CD, etc.). ASR 5500 System Administration Guide, StarOS Release 19...
With no license key installed, the session use licenses for PDSN, HA, GGSN, and L2TP LNS are limited to 10,000 sessions. The license keys on the ASR 5500 are stored in EEPROM on the chassis midplane. Both MIO/UMIOs access this EEPROM when booting.
Adding License Keys to Configuration Files License keys can be added to a new or existing configuration file. ASR 5500 System Administration Guide, StarOS Release 19...
• Midplane (chassis) serial number To obtain the ASR 5500 chassis serial number, at the Exec mode prompt enter the show card hardware 5 command. Look under the "MEC" heading for the "UDI Serial Number" as shown in the example below:...
The output of this command should display: "No license key installed". Management Card Replacement and License Keys License keys are stored on a midplane EEPROM in the ASR 5500 chassis. The MIO/UMIOs share these license keys. There is no need to swap memory cards into replacement MIO/UMIOs.
Changing Local-User Passwords Local-user administrative users can change their passwords using the password change command in the Exec mode. Users are prompted to enter their current and new passwords. ASR 5500 System Administration Guide, StarOS Release 19...
Page 138
All new passwords must adhere to the password properties configured for the system. ASR 5500 System Administration Guide, StarOS Release 19...
Output descriptions for most of the commands are located in the Statistics and Counters Reference. Table 7: System Status and Performance Monitoring Commands To do this: Enter this command: View Administrative Information Display Current Administrative User Access ASR 5500 System Administration Guide, StarOS Release 19...
Page 140
Display SNMP Trap Statistics View SNMP Trap Statistics show snmp trap statistics Display ORBEM Information View ORBEM client status show orbem client id View ORBEM session information show orbem session table ASR 5500 System Administration Guide, StarOS Release 19...
Some commands produce different outputs, depending on the platform type. Table 8: Hardware Monitoring Commands To do this: Enter this command: View the Status of the Power System View the status of the PFUs show power chassis ASR 5500 System Administration Guide, StarOS Release 19...
Page 142
View runtime, or real time, information show card info slot_number View the LED Status of All Installed Cards Refer to the descriptions of card-level and system-level LEDs in the ASR 5500 Installation Guide for detailed information. Note View the LED status for all installed cards...
The configuration example in this section defines basic operation of the bulk statistics feature. Use the following example configuration to set up the system to communicate with the statistic collection server: configure bulkstats mode schema name format format_string sample-interval time_interval transfer-interval xmit_time_interval limit mem_limit exit bulkstats collection ASR 5500 System Administration Guide, StarOS Release 19...
Viewing Collected Bulk Statistics Data, on page 118. • show bulkstats schemas – displays the scheme used to gather statistics including collection and transmission statistics. See Verifying Your Configuration, on page 117. ASR 5500 System Administration Guide, StarOS Release 19...
Total records discarded: Total bytes discarded: Last transfer time required: 0 second(s) No successful data transfers No attempted data transfe File 2 not configured File 3 not configured File 4 not configured ASR 5500 System Administration Guide, StarOS Release 19...
The clear bulkstats data command clears any accumulated data that has not been transferred. This includes any "completed" files that have not been successfully transferred. Bulkstats Schema Nomenclature This section describes the nomenclature associated with configuring and viewing bulkstats. ASR 5500 System Administration Guide, StarOS Release 19...
Additional Information Local File Open Error 31002 Warning "Unable to open local file filename for storing bulkstats data" Receiver Open Error 31018 Warning "Unable to open url filename for storing bulkstats data" ASR 5500 System Administration Guide, StarOS Release 19...
Page 148
Severity Additional Information Receiver Write Error 31019 Warning "Unable to write to url filename while storing bulkstats data" Receiver Close Error 31020 Warning "Unable to close url filename while storing bulkstats data" ASR 5500 System Administration Guide, StarOS Release 19...
• Event: Event logging can be used to determine system status and capture important information pertaining to protocols and tasks in use by the system. This is a global function that will be applied to all contexts, sessions, and processes. ASR 5500 System Administration Guide, StarOS Release 19...
You can filter the contents of event logs at the Exec mode and Global Configuration mode levels. For additional information, see the Command Line Interface Reference. Exec Mode Filtering These commands allow you to limit the amount of data contained in logs without changing global logging parameters. ASR 5500 System Administration Guide, StarOS Release 19...
Repeat to disable logging for additional event IDs or event ID ranges. Save the configuration as described in the Verifying and Saving Your Configuration chapter. ASR 5500 System Administration Guide, StarOS Release 19...
When active logs are written to the active memory buffer, they are available to all users in all CLI instances. Use the following example to configure active logging in Global Configuration mode: host_name logging filter runtime facility facility level report_level [local] (config)# Notes: ASR 5500 System Administration Guide, StarOS Release 19...
Page 156
• hnb-gw: HNB-GW (3G Femto GW) logging facility (Do not use this keyword for HNB-GW in Release • hnbmgr: HNB-GW Demux Manager logging facility (Do not use this keyword for HNB-GW in Release ASR 5500 System Administration Guide, StarOS Release 19...
Page 157
GMM and the BSSGP layers for logical links between the MS and the SGSN • local-policy: Local Policy Service facility • location-service: Location Services facility • m3ap: M3 Application Protocol facility • m3ua: M3UA Protocol logging facility • magmgr: Mobile Access Gateway manager logging facility ASR 5500 System Administration Guide, StarOS Release 19...
Page 160
• sitmain: System Initialization Task main logging facility • sls: Service Level Specification (SLS) protocol logging facility • sm-app: SM Protocol logging facility • sms: Short Message Service (SMS) logging messages between the MS and the SMSC ASR 5500 System Administration Guide, StarOS Release 19...
Repeat to configure additional monitor log targets. Disabling Monitor Logs Use the following example to disable monitor logs: configure no logging monitor { ip_addr | ipv6_addr | msid id | username name } ASR 5500 System Administration Guide, StarOS Release 19...
• From the syslog server: If the system is configured to send logs to a syslog server, the logs can be viewed directly on the syslog server. • From the system CLI: Logs stored in the system memory buffers can be viewed directly from the CLI. ASR 5500 System Administration Guide, StarOS Release 19...
CPU (minicore), NPU or kernel crash. The logged events are recorded into fixed length records and stored in /flash/crashlog2. Whenever a crash occurs, the following crash information is stored: 1 The event record is stored in /flash/crashlog2 file (the crash log). ASR 5500 System Administration Guide, StarOS Release 19...
• Network Server: Any workstation or server on the network that the system can access using the Trivial File Transfer Protocol (TFTP), the File Transfer Protocol (FTP), the Secure File Transfer Protocol ASR 5500 System Administration Guide, StarOS Release 19...
• SW Version – StarOS build release in format: RR.n(bbbbb) • Similar Crash Count – number of similar crashes • Time of first crash – timestamp when first crash occurred in format: YYYY-MMM-DD+hh:mm:ss ASR 5500 System Administration Guide, StarOS Release 19...
Checkpointing logs should be done periodically to prevent the log files becoming full. Logs which have Important 50,000 events logged will discard the oldest events first as new events are logged. ASR 5500 System Administration Guide, StarOS Release 19...
CLI session ended for Security Administrator admin on device /dev/pts/2 The following table describes the elements of contained in the sample output. Table 12: Event Element Descriptions Element Description 2011-Dec-11+5:18:41.993 Date/Timestamp indicating when the event was generated ASR 5500 System Administration Guide, StarOS Release 19...
Page 178
Indicates that the event was generated because of system operation. CLI session ended for Security Administrator The event's details. Event details may, or may not include admin on device /dev/pts/2 variables that are specific to the occurrence of the event. ASR 5500 System Administration Guide, StarOS Release 19...
This chapter provides information and instructions for using the system command line interface (CLI) for troubleshooting any issues that may arise during system operation. Refer to the ASR 5500 Installation Guide for comprehensive descriptions of the hardware components addressed by these troubleshooting procedures.
Power-On Self Tests (POSTs) to ensure that the hardware is operational. These tests also verify that the card meets all license requirements to operate in this chassis. Refer to Chassis Universal License Requirements in the ASR 5500 Installation Guide for additional information on the effect licenses and card types have on the boot process.
Page 181
PDP to the chassis for continuity. If all of the above suggestions have been verified, then it is likely that the PFU is not functional. Please contact your service representative. ASR 5500 System Administration Guide, StarOS Release 19...
The possible states for this LED are described in the following table. If the LED is not green, use the troubleshooting information in the table to diagnose the problem. Table 14: MIO Run/Fail LED States Color Description Troubleshooting Green Card powered with no errors None needed. detected ASR 5500 System Administration Guide, StarOS Release 19...
Verify that the power source is supplying ample voltage and current to the chassis. Verify that the card is properly installed per the instructions in the ASR 5500 Installation Guide. If all of the above suggestions have been verified, it is possible that the MIO is not functional.
Blinking Green Tasks or processes being Refer to Monitoring the System for information on determining the status of the migrated from the active MIO MIO/UMIO and system software processes. to the standby MIO. ASR 5500 System Administration Guide, StarOS Release 19...
Color Description Troubleshooting Green Link is up None needed. NOTE: This LED will not indicate the presence of a network link until the interface parameters are set during the software configuration process. ASR 5500 System Administration Guide, StarOS Release 19...
None needed if there is no activity on the link. Prior to interface the link configuration, this is normal operation. Checking the LEDs on the DPC Each DPC/UDPC or /DPC2/UDPC2 is equipped with status LEDs as listed below: • Run/Fail • Active ASR 5500 System Administration Guide, StarOS Release 19...
Card powered up with error(s) Errors were detected during the Power On Self Tests (POSTs). It is likely that detected. the errors were logged to the system's command line interface during boot. ASR 5500 System Administration Guide, StarOS Release 19...
Check the state of the Redundancy LED. If it is green, the card is in standby mode. This is normal operation for the initial power-up. If needed, refer to the Configuring DPC Availability section of System Settings for information on making the card active. ASR 5500 System Administration Guide, StarOS Release 19...
Card has failed. Checking the LEDs on the FSC Each FSC is equipped with the following LEDs as shown in the accompanying figure: • Run/Fail • Active • Redundancy • Drive 1 Activity ASR 5500 System Administration Guide, StarOS Release 19...
Card powered with error(s) Errors were detected during the Power On Self Tests (POSTs). It is likely that detected the errors were logged to the system's command line interface during boot. ASR 5500 System Administration Guide, StarOS Release 19...
Verify that the power source is supplying ample voltage and current to the chassis. Verify that the card is properly installed per the instructions in the ASR 5500 Installation Guide. If all of the above suggestions have been verified, it is possible that the FSC is not functional.
Verify that the Run/Fail LED is green. If so, the card is receiving power and POST results are positive. If it is off, refer to FSC Run/Fail LED States, on page 162 for troubleshooting information. ASR 5500 System Administration Guide, StarOS Release 19...
The SSC Run/Fail LED indicates the overall status of the card. This LED should be green for normal operation. The possible states for this LED are described in the following table. If the LED is not green, use the troubleshooting information in the table to diagnose the problem. ASR 5500 System Administration Guide, StarOS Release 19...
Verify that the power source is supplying ample voltage and current to the chassis. Verify that the card is properly installed per the instructions in the ASR 5500 Installation Guide. If all of the above suggestions have been verified, it is possible that the SSC is not functional.
Verify that the Run/Fail LED is green. If so, the card is receiving power and POST results are positive. If it is off, refer to the SSC Run/Fail LED States section for troubleshooting information. ASR 5500 System Administration Guide, StarOS Release 19...
The system provides several redundancy and fail-over mechanisms to address issues with application and line cards in order to minimize system downtime and data loss. These mechanisms are described in the sections that follow. ASR 5500 System Administration Guide, StarOS Release 19...
Verify that the busy-out was successful by entering the show card table command at the Exec mode prompt: Check the entry in the Oper State column next to the DPC/UDPC just busied-out. Its state should be Standby. ASR 5500 System Administration Guide, StarOS Release 19...
FSCs. There are similar restrictions when executing the card reboot or card upgrade commands on active FSCs. Refer to the Command Line Interface Reference for detailed information. ASR 5500 System Administration Guide, StarOS Release 19...
The commands specified in this section should be issued on a context-by-context basis. Contexts act like virtual private networks (VPNs) that operate independently of other contexts. Ports, interfaces, and routes configured in one context cannot be tested from another context without additional configuration. ASR 5500 System Administration Guide, StarOS Release 19...
• If there is still no response, it is likely that the packets are getting discarded by a network device. Use the traceroute or traceroute6 and show ip static-route commands discussed in this chapter to further troubleshoot the issue. ASR 5500 System Administration Guide, StarOS Release 19...
The following displays a sample of this command's output showing a context IPv4 routing table. "*" indicates the Best or Used route. Destination Nexthop Protocol Prec Cost Interface *0.0.0.0/0 10.0.4.1 static SPIO1 ASR 5500 System Administration Guide, StarOS Release 19...
Important section. Using the Monitor Utility For troubleshooting purposes, the system provides a protocol monitoring utility. This tool displays protocol information for a particular subscriber session or for every session being processed. ASR 5500 System Administration Guide, StarOS Release 19...
(C, D, E, etc.). To increase or decrease the verbosity, use the plus ( + ) or minus ( - ) keys. The current state, ON (enabled) or OFF (disabled), is shown to the right of each option. Step 7 Press the Enter key to refresh the screen and begin monitoring. ASR 5500 System Administration Guide, StarOS Release 19...
These core dumps provide specific memory locations and other information about the event. This information is useful to the technical support team in identifying where and when an event occurred along with its probably cause. ASR 5500 System Administration Guide, StarOS Release 19...
Technical Assistance Center (TAC) personnel and local administrators can review the SDRs on-line or by transferring them off the system. They may also wish to investigate the collector state information. Refer to the Support Data Collector chapter for a complete description of SDC functionality. ASR 5500 System Administration Guide, StarOS Release 19...
The boot recovery command line interface allows you to specify from which boot image you would like to boot the system. If the system failed to reload following a software update, you can initiate a boot from a previously stored image. ASR 5500 System Administration Guide, StarOS Release 19...
.bin config: /flash/system.cfg Entry at 0x000000000cba45e0 Press CTRL+C at this point in the sequence. A message similar to the following appears after the boot process has been interrupted: *******9/0 Ctrl-C Pressed------------------------------------------------------- Failed. ASR 5500 System Administration Guide, StarOS Release 19...
Starting program at 0x0000000000100000 Starent Networks ASR5x00 Intelligent Mobile Gateway management_card is starting up......image_version_number Starting software No configuration found, press enter to continue. 1. Do you wish to continue with the Quick Setup Wizard[yes/no]: ASR 5500 System Administration Guide, StarOS Release 19...
8/0:cli>boot -config=/flash/system.cfg /flash/image_filename.bin The boot sequence ends with the appearance of the CLI prompt. host_name [local] Confirm that the desired configuration has loaded by running the Exec mode show configuration command. ASR 5500 System Administration Guide, StarOS Release 19...
Once configured, an ACL can be applied to any of the following: • An individual interface • All traffic facilitated by a context (known as a policy ACL) • An individual subscriber • All subscriber sessions facilitated by a specific context ASR 5500 System Administration Guide, StarOS Release 19...
APN for UMTS subscribers. Criteria Each ACL consists of one or more rules specifying the criteria that packets will be compared against. The following criteria are supported: ASR 5500 System Administration Guide, StarOS Release 19...
Page 213
• UDP: The rule applies to any User Datagram Protocol (UDP) traffic and could be filtered on any combination of source/destination IP addresses, a specific port number, or a group of port numbers. UDP port numbers definitions can be found at www.iana.org. ASR 5500 System Administration Guide, StarOS Release 19...
For additional information refer to the Verifying and Saving Your Configuration chapter. Creating ACLs To create an ACL, enter the following command sequence from the Exec mode of the system CLI: configure context acl_ctxt_name [ -noconfirm ] ASR 5500 System Administration Guide, StarOS Release 19...
The default action is to "permit all". To modify the default behavior for unidentified ACLs, use the following configuration: configure context acl_ctxt_name [-noconfirm] access-list undefined { deny-all | permit-all } Notes: ASR 5500 System Administration Guide, StarOS Release 19...
ACLs must be configured in the same context in which the subscribers and/or interfaces to which they Important are to be applied. Similarly, ACLs to be applied to a context must be configured in that context. ASR 5500 System Administration Guide, StarOS Release 19...
Page 217
A context ACL (policy ACL) configured in the Source Context is applied prior to forwarding. An outbound ACL configured on the interface in the Source Context through which the packet is being forwarded, is applied to the tunneled data (such as the outer IP header). ASR 5500 System Administration Guide, StarOS Release 19...
Save your configuration to flash memory, an external memory device, and/or a network location using the Exec mode save configuration command. For additional information refer to the Verifying and Saving Your Configuration chapter. ASR 5500 System Administration Guide, StarOS Release 19...
• The context-level ACL is applied to outgoing packets. This applies to incoming packets also if the flow match criteria fails and forwarded again. The in and out keywords are deprecated and are only present for backward compatibility. Context ACL will be applied in the following cases: ASR 5500 System Administration Guide, StarOS Release 19...
ACL(s) was/were applied. The output of this command displays the configuration of the entire context. Examine the output for the commands pertaining to interface configuration. The commands display the ACL(s) applied using this procedure. ASR 5500 System Administration Guide, StarOS Release 19...
Save your configuration to flash memory, an external memory device, and/or a network location using the Exec mode save configuration command. For additional information refer to the Verifying and Saving Your Configuration chapter. ASR 5500 System Administration Guide, StarOS Release 19...
{ ip | ipv6 } access-group acl_list_name [ in | out ] Notes: • The context name is the name of the ACL context containing the interface to which the ACL is to be applied. ASR 5500 System Administration Guide, StarOS Release 19...
Applying an ACL to Service-specified Default Subscriber This section provides information and instructions for applying an ACL to the subscriber to be used as the "default" profile by various system services. ASR 5500 System Administration Guide, StarOS Release 19...
Verifying the ACL Configuration to Service-specified Default Subscriber To verify the ACL configuration. Verify that your ACL lists were applied properly by entering the following command in Exec Mode: host_name show configuration context context_name [local] ASR 5500 System Administration Guide, StarOS Release 19...
NOTE: The profile for the subscriber named default is not used to provide missing information for subscribers configured locally. ASR 5500 System Administration Guide, StarOS Release 19...
To reduce configuration time, ACLs can alternatively be applied to APN templates for GGSN subscribers. When configured, any subscriber packets facilitated by the APN template would then have the associated ACL applied. This section provides information and instructions for applying an ACL to an APN template. ASR 5500 System Administration Guide, StarOS Release 19...
• Service Congestion Policies: Congestion policies are configurable for each service. These policies dictate how services respond when the system detects that a congestion condition threshold has been crossed. ASR 5500 System Administration Guide, StarOS Release 19...
If a threshold level is not specified, the default is critical. Currently, major and minor thresholds are only supported for the MME. The congestion-action-profile command under lte-policy defines the action to be taken when thresholds are exceeded. See Global Configuration ASR 5500 System Administration Guide, StarOS Release 19...
To create a congestion control policy with overload reporting, apply the following example configuration: configure congestion-control policy mme-service action report-overload reject-new-sessions enodeb-percentage percentage Notes: • Other overload actions include permit-emergency-sessions and reject-non-emergency-sessions. ASR 5500 System Administration Guide, StarOS Release 19...
During periods of heavy system load, it may be necessary to disconnect subscribers in order to maintain an acceptable level of system performance. You can establish thresholds to select subscribers to disconnect based on the length of time that a call has been connected or inactive. ASR 5500 System Administration Guide, StarOS Release 19...
Page 233
To disable the overload disconnect feature for this subscriber, use the following configuration example: configure context context_name subscriber subscriber_name no overload-disconnect { [threshold inactivity-time] | [threshold connect-time] } Notes: • overload-disconnect is not supported for the Call Session Control Function (CSCF) service. ASR 5500 System Administration Guide, StarOS Release 19...
Page 234
Congestion Control Enabling Congestion Control Redirect Overload Policy ASR 5500 System Administration Guide, StarOS Release 19...
Autonomous System (AS) paths. • Route Maps – Route-maps provide detailed control over routes during route selection or route advertisement by a routing protocol, and in route redistribution between routing protocols. For this level ASR 5500 System Administration Guide, StarOS Release 19...
Use the following procedure to create an AS Path Access List: config context context_name ip as-path access-list list_name [ { deny | permit } reg_expr ] Notes: • Save your configuration as described in the Verifying and Saving Your Configuration chapter. ASR 5500 System Administration Guide, StarOS Release 19...
• Name of the interface in the current context that the route must use • Next hop IP address On the ASR 5000, static routes with IPv6 prefix lengths less than /12 and between the range of /64 and Important /128 are not supported. ASR 5500 System Administration Guide, StarOS Release 19...
It also describes how to enable the base OSPF functionality and lists the commands that are available for more complex configurations. You must purchase and install a license key before you can use this feature. Contact your Cisco account representative for more information on licenses.
Each external route can also be tagged by the advertising router, enabling the passing of additional information between routers on the boundary of the AS. OSPF uses a link-state algorithm to build and calculate the shortest path to all known destinations. ASR 5500 System Administration Guide, StarOS Release 19...
OSPF areas. This is an optional configuration. config context context_name router ospf redistribute { connected | static } Notes: • Save your configuration as described in the Verifying and Saving Your Configuration chapter. ASR 5500 System Administration Guide, StarOS Release 19...
Use the following configuration example to enable OSPF Routing for a specific context: config context context_name router ospfv3 Notes: • Save your configuration as described in the Verifying and Saving Your Configuration chapter. ASR 5500 System Administration Guide, StarOS Release 19...
ECMP can be used in conjunction with most routing protocols, since it is a per-hop decision that is limited to a single router. It potentially offers substantial increases in bandwidth by load-balancing traffic over multiple paths ASR 5500 System Administration Guide, StarOS Release 19...
The objective of BGP-4 protocol support is to satisfy routing requirements and monitor communications with Internet routers. BGP-4 may trigger an active to standby switchover to keep subscriber services from being interrupted. The following BGP-4 features are supported: • Exterior Border Gateway Protocol (EBGP) multi-hop ASR 5500 System Administration Guide, StarOS Release 19...
Command Line Interface Reference. Multiple community-list entries can be attached to a community-list by adding multiple permit or deny clauses for various community strings. Up to 64 community-lists can be configured in a context. ASR 5500 System Administration Guide, StarOS Release 19...
Multiple extended community-list entries can be attached to an extended community-list by adding multiple permit or deny clauses for various extended community strings. Up to 64 extended community-lists can be configured in a context. ASR 5500 System Administration Guide, StarOS Release 19...
An SRP Configuration mode command enables advertising BGP routes from an ICSR chassis in standby state. This command and its keywords allow an operator to take advantage of faster network convergence accrued ASR 5500 System Administration Guide, StarOS Release 19...
The following table lists the BGP Configuration mode CLI commands that support the configuration of various BGP parameters. For additional information, refer to the BGP Configuration Mode Commands chapter of the Command Line Interface Reference ASR 5500 System Administration Guide, StarOS Release 19...
Page 249
VRF. This maximum-paths { ebgp max_num | ibgp max_num Enables forwarding packets over multiple paths and specifies the maximum number of external BGP (eBGP) or internal BGP (iBGP) paths between neighbors. ASR 5500 System Administration Guide, StarOS Release 19...
BFD establishes a session between two endpoints over a particular link. If more than one link exists between two systems, multiple BFD sessions may be established to monitor each one of ASR 5500 System Administration Guide, StarOS Release 19...
Associating OSPF Neighbors with the Context, on page 226 • Associating BFD Neighbor Groups with the BFD Protocol, on page 226 • Enabling BFD on OSPF Interfaces, on page 227 • Monitoring BFD Connection for ICSR, on page 227 ASR 5500 System Administration Guide, StarOS Release 19...
Configure a Multihop BFD session. bfd-protocol bfd multihop peer destination-address interval interval-value multiplier multiplier-value Enable BFD on a BGP Neighbor. For additional information, see Associating BGP Neighbors with the Context, on page 226. ASR 5500 System Administration Guide, StarOS Release 19...
BGP routes from a Standby ICSR chassis. The overall goal is to support more aggressive failure detection and recovery in an ICSR configuration when implementing of VoLTE. You must configure the following features for chassis-to-chassis BFD monitoring in ICSR configurations: ASR 5500 System Administration Guide, StarOS Release 19...
(post ICSR switchover) while the network is still converging. ◦damping-period – configures a delay time to trigger an ICSR switchover due to a monitoring failure within the guard-period. ◦guard-period – configures the local-failure-recovery network-convergence timer. ASR 5500 System Administration Guide, StarOS Release 19...
] [ precedence precedence ] [ vrf vrf_name [ cost value ] [ fall-over bfd multihop mhsess_name ] [ precedence precedence ] + The ip route command now also allows you to add a static multihop BFD route. ip route static multihop bfd mhbfd_sess_name local_endpt_ipaddr remote_endpt_ipaddr ASR 5500 System Administration Guide, StarOS Release 19...
BFD Support for Link Aggregation Member Links Member-link based BFD detects individual link failures faster than LACP and reduces the overall session/traffic down period as a result of single member link failure. ASR 5500 System Administration Guide, StarOS Release 19...
Important with RFC 7130. Configuring Support for BFD Linkagg Member-links The bfd linkagg-peer command enables member-link BFD and configures the BFD link aggregation (linkagg) session values [RFC 7130]. configure context context_name bfd-protocol ASR 5500 System Administration Guide, StarOS Release 19...
VLANs. You should select the configuration example that best meets your service model before using the procedures described below. VLAN – Layer 2 Traffic Management is a Cisco feature that requires a separate license. Contact your Important Cisco account representative for detailed information on specific licensing requirements.
APN Support – PDN Gateway (P-GW) P-GW Access Point Name (APN) supports extensive parameter configuration flexibility for the APN. VLAN tagging may be selected by the APN, but are configured in the P-GW independently from the APN. ASR 5500 System Administration Guide, StarOS Release 19...
Flow Control : Enabled Link Aggregation Group : None Untagged: Logical ifIndex : 85262337 Operational State : Up, Active Tagged VLAN: VID 10 Logical ifIndex : 285278210 VLAN Type : Standard VLAN Priority ASR 5500 System Administration Guide, StarOS Release 19...
Use the configuration example below to configure VLAN associations within local subscriber profiles on the system. These instructions assume that you have already configured subscriber-type VLAN tags according to the Important instructions provided in Creating VLAN Tags, on page 237. config context context_name subscriber name user_name ASR 5500 System Administration Guide, StarOS Release 19...
Context Configuration Mode Advertises overlap-pool addresses in ip routing overlap-pool dynamic routing protocols when overlap pools are configured using VLAN IDs. When enabled, the overlap addresses are added as interface addresses and advertised. ASR 5500 System Administration Guide, StarOS Release 19...
Page 268
ID with a context. Table 37: VLAN-Related Monitoring Commands CLI Mode Command Description Exec Mode show commands clear port slot/port vlan vlan_id Clears NPU statistics for the port that has a previously configured VLAN ID. ASR 5500 System Administration Guide, StarOS Release 19...
Page 269
Displays VLAN utilization for a specified { 5-minute | hourly } collection interval. Exec Mode show commands show port info slot/port vlan vlan_id Displays NPU counters for a previously configured VLAN ID. ASR 5500 System Administration Guide, StarOS Release 19...
Page 270
VLANs VLAN-Related CLI Commands ASR 5500 System Administration Guide, StarOS Release 19...
Multi-Protocol Label Switching (MPLS) Virtual Private Networks (VPNs). Important MPLS is a licensed Cisco feature that requires a separate license. Contact your Cisco account representative for detailed information on specific licensing requirements. For information on installing and verifying licenses, refer to the Managing License Keys section of Software Management Operations.
Label Distribution Protocol (LDP) and Resource Reservation Protocol (RSVP) are not required because of direct-connect EBGP peering. The MPLS-CE in this scenario pushes/pops a single label (learned over the MP-eBGP connection) to/from the PE. ASR 5500 System Administration Guide, StarOS Release 19...
In this example, VRFs are configured on the ASR 5x00 PE and pools are associated with VRFs. The ASR 5x00 exchanges VPN routes with its IBGP peers (PE routers) and learns the MPLS paths to reach PEs via ASR 5500 System Administration Guide, StarOS Release 19...
Page 274
192.168.107.20 send-community both neighbor 192.168.107.20 next-hop-self exit address-family ipv4 vrf vrf1 redistribute connected exit address-family ipv4 vrf vrf2 redistribute connected exit interface interface_to_internet ip address 192.168.109.65/24 mpls ip exit router ospf ASR 5500 System Administration Guide, StarOS Release 19...
Support for VPN-IPv6 assumes the following: • Dual Stack (IPv4/IPv6) routing • IPv6 pools in VRFs • BGP peering over a directly connected IPv4 interface See the figure below. Figure 22: IPv6-RD Support for VPNv6 ASR 5500 System Administration Guide, StarOS Release 19...
1.52.53.54 255.255.255.255 exit interface vrf2-loop loopback ip vrf forwarding vrf2 ip address 2.52.53.54 255.255.255.255 exit interface vrf2-v6loop loopback ip vrf forwarding vrf2 ASR 5500 System Administration Guide, StarOS Release 19...
Page 277
1 chap 2 allow-noauth ip context-name Gi_ce ip address pool name vrf2-pool ipv6 address prefix-pool vrf2-v6pool exit apn apple51.com selection-mode sent-by-ms ASR 5500 System Administration Guide, StarOS Release 19...
This command enables sending of BGP routes with extended community to a neighbor. BGP Address-Family (VRF) neighbor ip_address activate Enables the exchange of routing Configuration Mode information with a peer router. ASR 5500 System Administration Guide, StarOS Release 19...
Page 279
MPLS labels to be added to packets sent for subscribers from this pool. Context Configuration Mode ip vrf vrf_name Creates a VRF and assigns a VRF-ID. A VRF is created in the router. ASR 5500 System Administration Guide, StarOS Release 19...
Page 280
Clears BGP sessions. Exec Mode lsp-ping ip_prefix_FEC Checks MPLS Label-Switched Path (LSP) connectivity for the specified forwarding equivalence class (FEC). It must be followed by an IPv4 or IPv6 FEC prefix. ASR 5500 System Administration Guide, StarOS Release 19...
Page 281
Enables Label Distribution Protocol (LDP). MPLS-LDP Configuration Mode router-id ip_address Configures the LDP Router ID. MPLS-LDP Configuration Mode Configures the LDP session session timers { hold-interval seconds | keepalive-interval parameters. seconds } ASR 5500 System Administration Guide, StarOS Release 19...
Page 282
Map (ILM) table information. Exec Mode show Commands show mpls ldp Displays the MPLS LDP information. Exec Mode show Commands show mpls Displays MPLS Next-Hop Label nexthop-label-forwarding-entry Forwarding Entry (NHLFE) table information. ASR 5500 System Administration Guide, StarOS Release 19...
Internal CSS is a generic feature, if an ECSv2 license is installed on your system, internal CSS can be Important enabled. A separate license is not required to enable internal CSS. Contact your local Cisco account representative for information on how to obtain a license.
• service_name must be an ACL service name. • For information on the keywords and options available with the redirect css service command, see the ACL Configuration Mode Commands chapter in the Command Line Interface Reference. ASR 5500 System Administration Guide, StarOS Release 19...
For information on how to apply an ACL to multiple subscribers via APNs, refer to the Applying a Single ACL to Multiple Subscribers via APNs section in the Access Control Lists chapter. ASR 5500 System Administration Guide, StarOS Release 19...
Page 286
Content Service Steering Applying an ACL to Multiple Subscribers via APNs (Optional) ASR 5500 System Administration Guide, StarOS Release 19...
This chapter describes the Session Recovery feature that provides seamless failover and reconstruction of subscriber session information in the event of a hardware or software fault. Session Recovery is a licensed Cisco feature. A separate feature license may be required. Contact your Important Cisco account representative for detailed information on specific licensing requirements.
Page 288
• ASR 5000 only – ePDG service (evolved Packet Data Gateway) • GGSN services for IPv4 and PPP PDP contexts • HA services supporting Mobile IP and/or Proxy Mobile IP session types with or without per-user Layer 3 tunnels ASR 5500 System Administration Guide, StarOS Release 19...
Page 289
• A best-effort attempt to recover various timer values such as call duration, absolute time, and others. • The idle time timer is reset to zero and the re-registration timer is reset to its maximum value for HA sessions to provide a more conservative approach to session recovery. ASR 5500 System Administration Guide, StarOS Release 19...
(able to accept incoming calls) or a system that is out-of-service (not part of your production network and, therefore, not processing any live subscriber/customer data). The session recovery feature, even when the feature use key is present, is disabled by default on the system. Important ASR 5500 System Administration Guide, StarOS Release 19...
If the current status of the Session Recovery feature is Disabled, You cannot enable this feature until a license key is installed in the system. ASR 5500 System Administration Guide, StarOS Release 19...
Overall Status SESSMGR Not Ready For Recovery Last Status Update 1 second ago host_name show session recovery status [local] Session Recovery Status: Overall Status Ready For Recovery Last Status Update 8 seconds ago ASR 5500 System Administration Guide, StarOS Release 19...
• Recovery action status – Success or failure reason • If recovery action failed, failure time stamp • If recovery action failed, failure task facility name • If recovery action failed, failure instance number ASR 5500 System Administration Guide, StarOS Release 19...
Administration Guide, before using the procedures described below. ICSR is a licensed Cisco feature that requires a separate license. Contact your Cisco account representative Important for detailed information on specific licensing requirements. For information on installing and verifying licenses, refer to the Managing License Keys section of Software Management Operations.
Important ICSR support for LAC requires a separate LAC license, as well as an Inter-Chassis Session Recovery license. Contact your Cisco account representative to verify whether a specific service supports ICSR as an option. Important Interchassis Communication Chassis configured to support ICSR communicate using periodic Hello messages. These messages are sent by each chassis to notify the peer of its current state.
Resets the Diameter monitor failure information to 0. srp terminate-post-process Forcibly terminates post-switchover processing. srp validate-configuration Validates the configuration for an active chassis. Validates that both active and standby chassis are ready for a planned srp validate-switchover SRP switchover. ASR 5500 System Administration Guide, StarOS Release 19...
• a manual switchover • another non-AAA failure event causes the system to switchover • a CLI command is used to clear the AAA failure flag and allow the chassis to switch to standby ASR 5500 System Administration Guide, StarOS Release 19...
• Border Gateway Protocol (BGP) – ICSR uses the route modifier to determine the chassis priority. Important ICSR is a licensed Cisco feature. Verify that each chassis has the appropriate license before using these procedures. To do this, log in to both chassis and execute a show license information command. Look for "Inter-Chassis Session Recovery".
Interchassis Session Recovery ICSR Operation The following figure shows an ICSR network. Figure 24: ASR 5500 ICSR Network ICSR Operation This section shows operational flows for ICSR. ASR 5500 System Administration Guide, StarOS Release 19...
Page 303
Interchassis Session Recovery ICSR Operation The following figure shows an ICSR process flow due to a primary failure. Figure 25: ICSR Process Flow (Primary Failure) ASR 5500 System Administration Guide, StarOS Release 19...
Page 304
Interchassis Session Recovery ICSR Operation The following figure shows an ICSR process flow due to a manual switchover. Figure 26: ICSR Process Flow (Manual Switchover) ASR 5500 System Administration Guide, StarOS Release 19...
Hello messages within the dead interval, the standby chassis initiates a switchover. During the switchover, the standby chassis begins advertising its srp-activated loopback and ASR 5500 System Administration Guide, StarOS Release 19...
• AAA server is installed, configured and accessible by both chassis. For more information on configuring the AAA server, refer to the AAA Interface Administration and Reference. • BGP router installed and configured. See Routing for more information on configuring BGP services. ASR 5500 System Administration Guide, StarOS Release 19...
Save your configuration as described in Verifying and Saving Your Configuration. Creating and Binding the SRP Context Use the example below to create the SRP context and bind it to primary chassis IP address: ASR 5500 System Administration Guide, StarOS Release 19...
Checkpoints can be set for IMS (VoLTE) and/or non-IMS sessions. The checkpoint is a snapshot of the current application state that can be used to restart its execution in case of failure. The default setting is 60 seconds. ASR 5500 System Administration Guide, StarOS Release 19...
◦aaa – local failure followed by AAA monitoring failure ◦bgp – local failure followed by BGP monitoring failure ◦diam – local failure followed by Diameter monitoring failure ASR 5500 System Administration Guide, StarOS Release 19...
◦ef – Expedited Forwarding PHB, for low latency traffic Optimizing Switchover Transitions There are several SRP configuration options that reduce the transition time from the active to standby gateways (primarily P-GW) in support of VoLTE traffic. ASR 5500 System Administration Guide, StarOS Release 19...
Interchassis Session Recovery Configuring the Service Redundancy Protocol (SRP) Context These features require an updated ICSR license to support the enhancements. Contact your Cisco account Important representative for additional information. Allow Non-VoLTE Traffic During ICSR Switchover The ICSR framework reduces switchover disruption for VoLTE traffic by enabling VoLTE traffic on the newly active gateway prior to reconciling the billing information and enabling communication with the newly active gateway when accounting is not deemed critical.
Page 312
The switchover allow-all-data-traffic command must be run on both chassis to enable this feature. Important The switchover allow-volte-data-traffic SRP Configuration mode CLI command allows VoLTE data traffic during ICSR switchover transition. configure context context_name ASR 5500 System Administration Guide, StarOS Release 19...
• Critical Flush – During the Active to Pending-Standby transition, all sessmgrs flush any pending critical FCs (Full Checkpoints). During this time, the active chassis drops all control packets. If control signaling ASR 5500 System Administration Guide, StarOS Release 19...
LZ4 is a very fast lossless compression algorithm with near-linear scalability for multi-threaded applications. The compression keyword in the SRP Configuration mode checkpoint session command allows you to enable the use of the LZ4 compression algorithm. ASR 5500 System Administration Guide, StarOS Release 19...
Configuring the Service Redundancy Protocol (SRP) Context The compression keyword will only appear if a special ICSR optimization feature license has been Important purchased and installed. Contact your Cisco account representative for assistance. The following command sequence enables the use of LZ4 compression: configure...
This option is useful in deployments in which a combination of IPv4 and IPv6 peers are spread across multiple paired VLANs, and IPv4 or IPv6 connectivity is lost by all members of a peer group. ASR 5500 System Administration Guide, StarOS Release 19...
Use the following example to create the BGP context and network addresses. configure context dest_ctxt_name router bgp AS_num network gw_ip_address neighbor neighbor_ip_address remote-as AS_num Notes: • AS_num is the autonomous systems path number for this BGP router. ASR 5500 System Administration Guide, StarOS Release 19...
This section describes how to compare the ICSR configuration on both chassis. Step 1 Enter the show configuration srp command on both chassis (Exec mode). Step 2 Verify that both chassis have the same SRP configuration information. ASR 5500 System Administration Guide, StarOS Release 19...
60 through 1440. For example, a periodicity of 90 indicates that SRP audit statistics will be generated every 90 minutes beginning at the specified start time. Default = 60. A sample configuration sequence appears below. config context srp service-redundancy-protocol audit daily-start-time 06 00 audit periodicity 90 ASR 5500 System Administration Guide, StarOS Release 19...
• Initiate an SRP switchover from the active backup chassis to make the standby primary chassis active. The four-part flowchart below shows a more complete view of all the procedures required to complete the StarOS upgrade process. ASR 5500 System Administration Guide, StarOS Release 19...
Page 321
Enabling the Demux on MIO/UMIO feature changes resource allocations within the system. This directly Caution impacts an upgrade or downgrade between StarOS versions in ICSR configurations. Contact Cisco TAC for procedural assistance prior to upgrading or downgrading your ICSR deployment.
Page 322
Interchassis Session Recovery Updating the Operating System Figure 29: ICSR Software Upgrade – Part 2 ASR 5500 System Administration Guide, StarOS Release 19...
Page 323
Interchassis Session Recovery Updating the Operating System Figure 30: ICSR Software Upgrade – Part 3 ASR 5500 System Administration Guide, StarOS Release 19...
Page 324
Interchassis Session Recovery Updating the Operating System Figure 31: ICSR Software Upgrade – Part 4 ASR 5500 System Administration Guide, StarOS Release 19...
Exec mode command:[local]host_name# directory /flash Step 2 Access to the Cisco support site and download facility is username and password controlled. Download the software image to a network location or physical device (USB stick) from which it can be uploaded to the /flash device.
Service Redundancy Protocol (SRP) checks verify that the mechanism for monitoring ICSR system status is operational. Step 1 Run show srp monitor all. Step 2 Review the output for any issues that may preclude performing the software update. ASR 5500 System Administration Guide, StarOS Release 19...
Synchronize the local file systems by entering the following Exec mode command: host_name filesystem synchronize all [local] Reloading the Chassis Reboot the chassis by entering the following command: host_name reload [-noconfirm] [local] ASR 5500 System Administration Guide, StarOS Release 19...
Features in the new operating system may require changes to the configuration file. These changes can be done manually or facilitated by custom scripts prepared by Cisco TAC. Make whatever changes are necessary prior to saving the updated configuration file.
There should be no output for this command, or no very recent SNMP trap notifications (based on the event timestamp). Step 3 If the active chassis cannot communicate with one or more AAA servers, refer to AAA Monitor for additional information. ASR 5500 System Administration Guide, StarOS Release 19...
On the primary chassis, confirm the switchover is complete by running the show srp info command. Chassis State should indicate Active when switchover is complete. Making Test Calls Once the chassis state is verified and subscribers are migrated, perform new call testing to make sure calls are successful. ASR 5500 System Administration Guide, StarOS Release 19...
[local] Step 3 Reboot the system to load its previous configuration. host_name reload [local] Step 4 Perform health checks as described in Performing Health Checks, on page 298 ASR 5500 System Administration Guide, StarOS Release 19...
Page 332
Interchassis Session Recovery Fallback Procedure ASR 5500 System Administration Guide, StarOS Release 19...
Technical Assistance Center (TAC) personnel and local administrators can review the SDRs on-line or by transferring them off the system. They may also wish to investigate the collector state information. The figure ASR 5500 System Administration Guide, StarOS Release 19...
If the user has configured support record sections, then the show configuration command displays user-configured support record sections. The support collection schedule configuration also appears in the show configuration output under the Global Configuration section. ASR 5500 System Administration Guide, StarOS Release 19...
The SDRs are stored together in a self-relative set. This self-relative set is called a Support Record Collection. Each individual SDR is identified with a record-id. The record-id of the most recent SDR is always 0 (zero). ASR 5500 System Administration Guide, StarOS Release 19...
Page 336
This is because the interval specifies the idle time between scheduled collection runs. Since the actual overhead of the collecting process is not included in the scheduled intervals, the time differences between collections includes this non-deterministic amount of time. ASR 5500 System Administration Guide, StarOS Release 19...
The administrator may decide to transfer the SDRs off the system to be analyzed remotely, for example, by Cisco TAC. ASR 5500 System Administration Guide, StarOS Release 19...
The max-records keyword specifies the number of SDRs to store as an integer from 1 to 65535. When this value is exceeded, the new SDR overwrites the oldest SDR. The default value is 168. ASR 5500 System Administration Guide, StarOS Release 19...
Last Collection Start Time : Monday October 21 06:29:05 PDT 2013 Last Collection End Time : Monday October 21 06:29:09 PDT 2013 Est. Collection Next Start : Monday October 21 07:29:13 PDT 2013 (40 minutes) Support Data Records at /var/tmp/support-records/ ASR 5500 System Administration Guide, StarOS Release 19...
Page 340
The output of this command reflects the sequence in which record sections will be output, regardless of the sequence in which they may have been entered by the user. Refer to the SDR CLI Command Strings appendix for additional information. ASR 5500 System Administration Guide, StarOS Release 19...
This appendix provides engineering guidelines for configuring the system to meet network deployment requirements. • CLI Session Rules, page 313 • ASR 5500 Interface and Port Rules, page 313 • Context Rules, page 314 • Subscriber Rules, page 317 •...
◦ For Release 15.0 and higher: With the Demux MIO/UMIO feature enabled, up to 64 interfaces can be configured within a single context. ◦ 512 Ethernet+PPP+tunnel interfaces ◦ 32 ipv6ip tunnel interfaces ◦ 511 GRE tunnels (2,048 GRE tunnels per chassis) ASR 5500 System Administration Guide, StarOS Release 19...
Page 343
◦ Releases 12 and 14: 16,000 BGP prefixes can be learned/advertised per context (64,000 per chassis) ◦ Releases 15 and 16: 32,000 BGP prefixes can be learned/advertised per context (64,000 per chassis) ASR 5500 System Administration Guide, StarOS Release 19...
Page 344
◦ 800 NAS-IP address/NAS identifier (one primary and one secondary per server group) per context • Up to 12 charging gateway functions (CGFs) for GTPP accounting can be configured per context. • Up to 16 bidirectional forwarding detection (BFD) sessions per context (64 per chassis) ASR 5500 System Administration Guide, StarOS Release 19...
Large numbers of services greatly increase the complexity of management and may affect overall system performance. Therefore, you should not configure a large number of services unless your application absolutely requires it. Please contact your Cisco service representative for more information.
The maximum number of ECMP groups are as follows: • For releases prior to 17.0, StarOS supports a maximum of 512 groups. • For release 17.0 and higher, StarOS supports a maximum of 2048 groups. ASR 5500 System Administration Guide, StarOS Release 19...
Command Line Interface Reference and Statistics and Counters Reference. The following sections describe the primary tasks that are implemented by StarOS: • Primary Task Subsystems, on page 320 • Controllers and Managers, on page 321 ASR 5500 System Administration Guide, StarOS Release 19...
All IP operations within StarOS are done within specific VPN contexts. In general, packets are not forwarded across different VPN contexts. The only exception currently is the Session subsystem. • Network Processing Unit (npuctrl/npumgr on ASR 5000; npusim on ASR 5500, and knpusim on VPC-DI and VPC-SI): This subsystem is responsible for the following: •...
Managers manage resources and mappings between resources. In addition, some managers are directly responsible for call processing. For information about the primary subsystems that are composed of critical, controller, and /or manager tasks, Subsystem Tasks, on page 322. ASR 5500 System Administration Guide, StarOS Release 19...
Starts management cards in either active or standby mode. Registers tasks with HAT task. Notifies CSP task of CPU startup completion. Brings up packet processing cards in standby mode. SITREAP SIT Reap Sub-function Shuts down tasks as required. ASR 5500 System Administration Guide, StarOS Release 19...
Monitors system components such as fans for state changes. Triggers actions for redundancy in the event of fault detection. The HAT subsystem on the redundant management card mirrors the HAT subsystem on the active management card. ASR 5500 System Administration Guide, StarOS Release 19...
Only one Session Controller operates at any time. Routes context specific operation information to the appropriate VPN Manager. Performs VPN Manager recovery and saves all VPN-related configuration information in SCT. ASR 5500 System Administration Guide, StarOS Release 19...
Page 353
Configuration mode CLI command) Responsible for learning and redistributing routing information via the OSPFv3 protocol. Maintains the OSPFv3 neighboring relationship. Maintains the LSA database. Performs OSPFv3 SPF calculations. Applies any defined OSPFv3 routing policy. ASR 5500 System Administration Guide, StarOS Release 19...
[VPC-DI, VPC-SI] Provides interface binding and forwarding services to the VPN Manager. Provides flow insertion and removal services to Session Manager and AAA Manager tasks. Provides recovery services to the NPU Controller. ASR 5500 System Administration Guide, StarOS Release 19...
Page 355
Provides port configuration services to the CSP task Provides interface binding and forwarding services to the VPN Manager. Provides flow insertion and removal services to Session Manager and AAA Manager tasks. Provides recovery services to the NPU Controller. ASR 5500 System Administration Guide, StarOS Release 19...
A11 Managers, and from multiple contexts. Processes protocols for A10/A11, GRE, R3, R4, R6, GTPU/GTPC, PPP, and Mobile IP. Manages Enhanced Charging Service, Content Filtering and URL Blacklisting services. Session Managers are paired with AAA Managers. ASR 5500 System Administration Guide, StarOS Release 19...
Page 357
Writes CDRs to a file in its VRAM-disk. The enqueued CDRs are then periodically synchronized with a HDD for transfer. ASR 5500 System Administration Guide, StarOS Release 19...
Page 358
Handles the Gmb interface over a Diameter connection to a BMSC Server for MBMS bearer sessions. dgmbmgr recovers by polling all sessmgrs for MBMS session states and recreating the MBMS UE and MBMS bearer context information. ASR 5500 System Administration Guide, StarOS Release 19...
Page 359
Maintains list of current Session Manager tasks which aids in session recovery. Handles GTP Echo messaging. With session recovery (SR) enabled, this demux manager is usually established on one of the CPUs on the first active packet processing card. ASR 5500 System Administration Guide, StarOS Release 19...
Page 360
Serves as the Default GTPU listener. GTPUMGR will process GTPU packets with invalid TEID. With session recovery (SR) enabled, this demux manager is usually established on one of the CPUs on the first active packet processing card. ASR 5500 System Administration Guide, StarOS Release 19...
Page 361
Maintains Home-NodeB databases. Provides nodal functions for Iuh interface on SCTP protocol. With session recovery (SR) enabled, this manager is usually established on one of the CPUs on the first active packet processing card. ASR 5500 System Administration Guide, StarOS Release 19...
Page 362
Created by the Session Controller. Manager In Server mode, acts as a RADIUS server, and supports Proxy functionality. In Snoop mode supports snooping RADIUS Accounting messages. Load balances requests among different SessMgrs. Activates and deactivates sessions. ASR 5500 System Administration Guide, StarOS Release 19...
Page 363
(routing domain) is activated. Multi-instanced for redundancy and scaling purposes. Provides SS7 and Gb connectivity to the platform. Routes per subscriber signalling across the SS7 (including Iu) and Gb interfaces to the SessMgr. ASR 5500 System Administration Guide, StarOS Release 19...
Page 364
Remains aware of all the active MME services in the system. With session recovery (SR) enabled, this demux manager is usually established on one of the CPUs on the first active packet processing card. ASR 5500 System Administration Guide, StarOS Release 19...
Page 365
Handles all PCRF service sessions. Manager Interfaces with PCC-Core while processing different events associated with individual subscriber sessions. Maintains subscriber information while applying business logic. Creates calline and corresponding APN session for each subscriber. ASR 5500 System Administration Guide, StarOS Release 19...
Responsible for the overall management of the system fabric. Controller Manages the pool of Rendezvous Destinations and coordinates fabric recovery by the afmgr proclets after a fault. A single afctrl instance runs on the active MIO/UMIO only. ASR 5500 System Administration Guide, StarOS Release 19...
Page 367
Spawns daughter card managers during system initialization Controller and monitors daughter card managers during system steady state execution. It also spawns daughter card managers [ASR 5x00 only] whenever a daughter card manager task fails. ASR 5500 System Administration Guide, StarOS Release 19...
Page 368
IP Access Lists, IP pools, interface addresses, and interface state notifications. ipsecmgr IPSec Manager Created by the Session Controller, establishes and manages secure IKEv1, IKEv2 and IPSec data tunnels. ASR 5500 System Administration Guide, StarOS Release 19...
Page 369
Link Aggregation Group Started by npuctrl on the demux card's primary CPU (ASR Manager 5000) or MIO (ASR 5500) with a facility level between CSP and npumgr to receive configuration/status notification from [ASR 5x00 only] npumgr and build global LAG database.
Management Protocol SNMP notifications (traps) if enabled. threshold Threshold Server Handles monitoring of threshold crossing alerts, if configured. Polls the needed statistics/variables, maintains state, and generates log messages/SNMP notification of threshold crossings. ASR 5500 System Administration Guide, StarOS Release 19...
To conserve processing cycles and memory, dynamic and periodic updates from an active chassis to a standby chassis are done using micro-checkpoints. The output of the Exec mode show srp info command displays a complete list of SRP checkpoints. Macro-checkpoints This section lists and briefly describes ICSR macro-checkpoints. ASR 5500 System Administration Guide, StarOS Release 19...
This macro-checkpoint is sent from the active to the standby chassis to map Service IDs on the standby chassis. • Time based: No • Frequency: N/A • Event based: Yes • Events: Occurs whenever a TCP connection is established between the sessmgrs and they move to READY_STATE. ASR 5500 System Administration Guide, StarOS Release 19...
• NAT Category, on page 356 • P-GW Category, on page 359 • Rf Interface Category, on page 361 • S6b Interface Category, on page 363 • SaMOG Category, on page 363 ASR 5500 System Administration Guide, StarOS Release 19...
• Related CLI command: None SESS_UCHKPT_CMD_UPDATE_IDLESECS This micro-checkpoint sends remaining number of seconds before idle timeout. • Time based: Yes • Frequency: — • Event based: No • Events: Occurs during ICSR background checkpointing. ASR 5500 System Administration Guide, StarOS Release 19...
• Time based: No • Frequency: — • Event based: Yes • Events: Occurs whenever a dynamic rule has been deleted. • Accounting: No • Delta/Cumulative: N/A • CMD-ID: 178 • Related CLI command: None ASR 5500 System Administration Guide, StarOS Release 19...
SESS_UCHKPT_CMD_UPDATE_EPDG_BEARER This micro-checkpoint synchronizes ePDG bearers between the active and standby chassis. • Time based: No • Frequency: N/A • Event based: No • Events: N/A • Accounting: Yes • Delta/Cumulative: Cumulative ASR 5500 System Administration Guide, StarOS Release 19...
• Related CLI command: show srp micro-checkpoint statistics debug-info SESS_UCHKPT_CMD_UPDATE_EPDG_STATS This micro-checkpoint synchronizes session statistics between the active and standby chassis. • Time based: Yes • Frequency: 30 seconds • Event based: No • Events: N/A • Accounting: Yes ASR 5500 System Administration Guide, StarOS Release 19...
This micro-checkpoint is sent in a Network or UE initiated update procedure except for updates that result in the following scenarios: • Creation or deletion of the beare • TFT change or inter-RAT handovers • Gn-Gp handoff Parameters associated with this micro-checkpoint are shown below. ASR 5500 System Administration Guide, StarOS Release 19...
This micro-checkpoint is sent when a port chunk is allocated or deallocated for a subscriber sharing a NAT IP address with other subscribers. The port chunk is allocated or deallocated while data is being received for that subscriber. • Time based: No • Frequency: N/A ASR 5500 System Administration Guide, StarOS Release 19...
• Frequency: N/A • Event based: Yes • Events: Triggered when a new SIP flow is created or deleted. • Accounting: No • Delta/Cumulative: N/A • CMD-ID: 98 • Related CLI command: None ASR 5500 System Administration Guide, StarOS Release 19...
(based on a rule-match), and a new bypass flow is created. This checkpoint is sent when the flow is both added and deleted. • Time based: No • Frequency: N/A • Event based: Yes ASR 5500 System Administration Guide, StarOS Release 19...
• Time based: No • Frequency: N/A • Event based: Yes • Events: Triggered when the S-GW goes into Restoration mode. • Accounting: No • Delta/Cumulative: N/A • CMD-ID: 158 • Related CLI command: None ASR 5500 System Administration Guide, StarOS Release 19...
• Time based: No • Frequency: N/A • Event based: Yes • Events: Triggered when there is a change in the LI state for this call. • Accounting: No • Delta/Cumulative: N/A • CMD-ID: 151 ASR 5500 System Administration Guide, StarOS Release 19...
This micro-checkpoint indicates a change in the SDF+QCI-based Rf accounting buckets. • Time based: Yes • Frequency: 4 seconds for aamgr checkpoint and 18 seconds for GR checkpoint • Event based: No • Events: N/A • Accounting: Yes • Delta/Cumulative: Cumulative ASR 5500 System Administration Guide, StarOS Release 19...
• Time based: Yes • Frequency: 4 seconds for aamgr checkpoint and 18 seconds for GR checkpoint; • Event based: No • Events: Sent along with macro-checkpoint. • Accounting: Yes • Delta/Cumulative: Cumulative ASR 5500 System Administration Guide, StarOS Release 19...
• Event based: Yes • Events: Occurs whenever SaMOG sends a Delete-Session-Req or upon receiving a Delete-Bearer-Request. • Accounting: No • Delta/Cumulative: N/A • CMD-ID: 169 • Related CLI command: show subscriber samog-only full ASR 5500 System Administration Guide, StarOS Release 19...
• Related CLI command: show subscriber samog-only full SESS_UCHKPT_CMD_CGW_UPDATE_STATS Reserved for future use. SESS_UCHKPT_CMD_CGW_UPDATE_UE_PARAM Reserved for future use. SESS_UCHKPT_CMD_SAMOG_ACCT_INTERIM_INFO This micro-checkpoint is sent for a SaMOG session on receipt of an Accounting Req (INTERIM-UPDATE) from the WLC ASR 5500 System Administration Guide, StarOS Release 19...
• Event based: Yes • Events: Occurs whenever a DHCP-Discover message is received over a different EoGRE tunnel. • Accounting: No • Delta/Cumulative: N/A • CMD-ID: 201 • Related CLI command: show subscriber samog-only full ASR 5500 System Administration Guide, StarOS Release 19...
SaMOG will delay handoff as it expects an Accounting Req (START) from the subscriber. • Time based: No • Frequency: N/A • Event based: Yes • Events: Occurs when a Account Req (STOP) request is received from the WLC. ASR 5500 System Administration Guide, StarOS Release 19...
This micro-checkpoint is sent for a SaMOG session when SaMOG is waiting on the UE after sending an Access-Challenge while Re-authenticating the subscriber session. • Time based: No • Frequency: N/A • Event based: Yes ASR 5500 System Administration Guide, StarOS Release 19...
• Events: Occurs on receiving and successfully processing AAR from the AAA Server to re-authorize the subscriber • Accounting: No • Delta/Cumulative: N/A • CMD-ID: 173 • Related CLI command: show subscriber samog-only full ASR 5500 System Administration Guide, StarOS Release 19...
A P P E N D I X ASR 5500 SDR CLI Command Strings • ASR 5500 SDR CLI Command Strings, page 369 ASR 5500 SDR CLI Command Strings This appendix identifies the CLI command strings that can be entered for a record section via the support record section command in the Global Configuration Mode.
Page 408
"show dns client statistics" Disabled "show hss-peer-service service all" Disabled "show ipms status all" Disabled "show ipms status debug-info" Disabled "show kvstore" Disabled "show kvstore verbose" Disabled "show kvstore kvclient" Disabled "show kvstore kvmgr" ASR 5500 System Administration Guide, StarOS Release 19...
Page 409
Disabled "show sls-service all" Disabled "show sls-service peers all" Disabled "show sls-service statistics all" Notes: • Enabled = Included in default record section • Disabled = Not included in default record section ASR 5500 System Administration Guide, StarOS Release 19...
Page 410
ASR 5500 SDR CLI Command Strings ASR 5500 SDR CLI Command Strings ASR 5500 System Administration Guide, StarOS Release 19...