Product Bulletin No. 3213
Introduction
This product bulletin provides content and delivery information for Cisco IOS® Software Release 12.3(14)YX, which is the release vehicle for the Cisco® Packet Data Serving Node (PDSN) and Cisco Mobile Wireless Home Agent Release 3.0. It is also the migration vehicle for Cisco IOS Software Release 12.3(11)YF, the current release vehicle for the Cisco PDSN and Mobile Wireless Home Agent 2.1. This release is focused on the Cisco 7206VXR Router, the Cisco 7600 Series routers, and the Cisco Catalyst® 6500 Series switches. The Cisco 7600 Series and Catalyst 6500 Series use the Multiprocessor WAN Application Module (MWAM). The features delivered with this new release will be incorporated into the Cisco IOS Software Release 12.4(5th)T, but Release 12.3(14)YX represents a release vehicle that provides these features sooner. For more information about the Cisco IOS Software release process, please see Product Bulletin Number 537.
Migration Guide
Figure 1 displays Cisco IOS Software 12.3(14)YX functionality relative to the 12.3 and 12.3T releases. This figure also identifies the migration path.
Figure 1
Cisco IOS Software Release 12.3(14)YX Migration Path
This is also the migration path for the Cisco IOS Software Early Deployment Release 12.3(11)YF.
New Features in Cisco IOS Software Release 12.3(14)YX
Cisco IOS Software Release 12.3(14)YX Features (PDSN)
Table 1 lists the new features in the initial release of Cisco IOS Software Release 12.3(14)YX for the Cisco PDSN.
Table 1. New (PDSN) Features in Cisco IOS Software Release 12.3(14)YX
Please see the following section for details about these new features. Any Early Deployment software release should be used first in a test network before being deployed in a production network.
Feature Details
Session Redundancy
Cisco PDSN Session Redundancy provides support for failover of the Cisco PDSN application and PPP protocol session for Simple IP and Mobile IP calls. This minimizes the impact of a Cisco PDSN failure on the mobile user experience.
Simple IPv6
The Cisco PDSN simple IP service has been enhanced to allow both simple IPv4 and simple IPv6 access, as defined in IS-835B. The Cisco PDSN will support the following simultaneous sessions:
• Simple IPv4 and Simple IPv6
• Mobile IPv4 and Simple IPV6
• Simple IPv4, Mobile IPv4 and Simple IPv6
RADIUS Server Load Balancing
The RADIUS Server Load-Balancing feature is a mechanism to share the load of RADIUS Authentication and Accounting transactions across a set of RADIUS servers. With RADIUS Server Load Balancing, the Cisco PDSN distributes the transaction load across multiple servers in a server group. It tracks the slower servers and reduces the transaction load on those servers.
RADIUS Server Selection Based on Realm
This RADIUS Server Selection feature supports sending the full username for authentication, without stripping the domain name. The RADIUS Server will be selected based on the domain name, that is, from user@domain.
Conditional Debug Enhancements
The CDMA, PPP, AAA, and Mobile IP FA conditional debugs are further enhanced to display the MNID/username with every line. This simplifies user debugging.
Cisco IOS Software Release 12.3(14)YX Features (Home Agent)
Table 2 lists the new features in the initial release of Cisco IOS Software Release 12.3(14)YX for the Cisco PDSN.
Table 2. New (Home Agent) Features in Cisco IOS Software Release 12.3(14)YX
Please see the following section for details about these new features. Any Early Deployment software release should be used first in a test network before being deployed in a production network.
Feature Details
Home Agent Redundancy for Active-Active Scenario
The robust Cisco Mobile Wireless Home Agent Redundancy feature available for active-standby configurations now supports active-active configurations. This provides customers with further flexibility in their network designs.
Home Agent Accounting Enhancements
The Cisco Mobile Wireless Home Agent Accounting feature is enhanced to add accounting redundancy, and packet count, byte count and additional accounting records.
Virtual Routing and Forwarding Enhancements
The VRF function, which provides support for overlapping IP address for mobile nodes for the mobile IP flows that are opened for different realms, is enhanced to allow configuration of NAI to VRF mapping on the RADIUS server. An option is provided to send a registration reject with code 136 and new Cisco Mobile Wireless Home Agent address if the Cisco Mobile Wireless Home Agent has to assign a different address than requested by PDSN/Foreign Agent. This call sequence makes the VRF solution compliant to the IS-835D standard.
Mobile User Access Control Lists
Mobile User ACLs provide support for per-user packet filtering. With this feature, for a successfully authenticated registration request, the RADIUS server will return inACL and outACL attributes in the access response to Cisco Mobile Wireless Home Agent.
DNS Server Address Assignment
DNS Server Address Assignment provides support for IS-835D-defined attributes to push the DNS sever address to the mobile as an NVSE in the mobileip registration request. The mobile node is able to learn the primary and secondary DNS server address of the home domain.
IP Reachability
IP Reachability provides the capability to update a DNS server in the home network with the current authorized mobile node IP address. This feature is implemented per IS-835D standard.
RADIUS Server Load Balancing
The RADIUS Server Load-Balancing feature is a mechanism to share the load of RADIUS Authentication and Accounting transactions across a set of RADIUS servers. With RADIUS Server Load Balancing, the Cisco Mobile Wireless Home Agent distributes the transaction load across multiple servers in a server group. It tracks the slower servers and reduces the transaction load on those servers.
RADIUS Server Selection Based on Realm
This RADIUS Server Selection feature supports sending the full username for authentication, without stripping the domain name. The RADIUS Server will be selected based on the domain name (that is, from user@domain).
Conditional Debug Enhancements
The Mobile IP conditional debugs are further enhanced to display the MNID/username with every line. This simplifies user debugging.
For more detailed information about the platforms and features being delivered in Cisco IOS Software Release 12.3(14)YX, please reference the following documents:
http://www.cisco.com/en/US/products/ps6267/products_data_sheet0900aecd8027cbb2.html
Support
Cisco IOS Software Release 12.3(14)YX follows the standard Cisco support policy as indicated in the following document: http://www.cisco.com/en/US/products/products_end-of-life_policy.html
Note that Cisco Software Application Support (SAS) must be ordered for the Cisco PDSN and Cisco Mobile Wireless Home Agent; they are not covered under Cisco SMARTnet® support. See the Product Numbers section for details. Cisco SAS includes 24-hour technical assistance from the Cisco Technical Assistance Center (TAC) via telephone and the Web, online tools, plus bug fixes, maintenance, and rebuilds of the same release (Release 3.0) of the Cisco PDSN and Cisco Mobile Wireless Home Agent.
Product Numbers
The spare product code is designated with `=' and should be ordered when upgrading to a new release, moving to a different Cisco PDSN or Cisco Mobile Wireless Home Agent image, or when the platform hardware is not being ordered in conjunction with the software.
There are two Cisco PDSN images available with Release 3.0 for the Cisco MWAM: Basic and Premium. Only one image is available on the Cisco 7206VXR; this image includes all features that are available on the 7206VXR.
• Basic: Includes basic feature set.
• Premium: Includes the basic feature set plus Closed R-P* on MWAM, Prepaid. Simple IPv6, PPPoGRE.
*There is also a System Feature License (one per customer) required when Closed R-P is required. The Product Code is made available in Table 3 below.
There are two home agent images available with Release 3.0 for the Cisco MWAM: Basic and Premium. Only one image is available on the Cisco 7206VXR; this image includes all features that are available on the 7206VXR.
• Basic: Includes the basic feature set.
• Premium: Includes the basic feature set plus Hotlining, VRF, IP Reachability.
There is also a Feature License on the supervisor required for the Home Agent-Server Load Balancing (HA-SLB) feature. The Product Code is made available in Table 5 below.
There are two options when ordering software for the Cisco MWAM:
• Single image
• Bundled image (five images)
Each Cisco MWAM has five processors. They can be licensed by MWAM (bundled image), or by processor (single image). This allows for maximum flexibility when deploying and expanding a network. Cisco Mobile Wireless Home Agent and Cisco PDSN operate on separate Cisco MWAMs. Note that Cisco PDSN and home agent images cannot coexist on the same Cisco MWAM, though a home agent MWAM and a PDSN MWAM can coexist in the same chassis. The Cisco 7609 router can support up to six Cisco MWAMs running the Cisco PDSN and/or Cisco Mobile Wireless Home Agent application; the Cisco 7613 router can support up to ten Cisco MWAMs running the Cisco PDSN and/or Cisco Mobile Wireless Home Agent application.
When ordering more than one single image, the first one should be ordered as an option to the Cisco MWAM. Any subsequent single images should be ordered as spares.
Table 3. Ordering Information: Cisco IOS Software Release 12.3(14)YX PDSN Part Numbers
The following part numbers should be used when ordering Cisco SAS for Cisco PDSN 3.0 (Table 4).
Table 4. Ordering Information: Cisco SAS for Cisco PDSN Release 3.0
Table 5. Ordering Information: Cisco IOS Software Release 12.3(14)YX Home Agent Part Numbers
The following part numbers should be used when ordering Cisco SAS for Cisco Mobile Wireless Home Agent 3.0 (Table 6).
Table 6. Ordering Information: Cisco SAS for Cisco Mobile Wireless Home Agent 3.0
Bundle Product Numbers
When ordering multiple Cisco MWAMs with the Cisco PDSN R3.0 image, there are bundles available that include:
• Two Cisco MWAMs (WS-SVC-MWAM-1)
• Two bundled images of Cisco PDSN 3.0 Basic or Premium (SC-SVC-PD30B or SC-SVC-PD30B + FL-PREM30UP-PDSN)
When ordering multiple Cisco MWAMs with the Cisco Mobile Wireless Home Agent 3.0 image, there is a bundle available that includes:
• Two Cisco MWAMs (WS-SVC-MWAM-1)
• Two bundled images of Cisco Mobile Wireless Home Agent 3.0 Premium (SC-SVC-HA30B or SC-SVC-HA30B + FL-PREM30UP-HA)
Table 7 provides ordering information for these bundles.
Table 7. Ordering Information: Cisco MWAM/Software Image Bundles
Download Information
Customers can download Cisco IOS Software Release 12.3(14)YX from the Software Image Library on Cisco.com:
http://www.cisco.com/cgi-bin/Software/Iosplanner/Planner-tool/iosplanner.cgi?majorRel=12.3
http://www.cisco.com/cgi-bin/Software/Iosplanner/Planner-tool/iosplanner.cgi?majorRel=12.3
Special Note to Customers
The following are additional ordering guidelines and sample configurations for a Cisco PDSN and Cisco Mobile Wireless Home Agent. Note that the configurations are provided for guidance only and do not include Cisco SMARTnet hardware support or ancillary equipment such as cables, rack mount kits, or high-speed fan trays. Please discuss your desired configuration with your Cisco representative prior to ordering.
Cisco Mobile Wireless Home Agent and Cisco PDSN 3.0 on the Cisco 7206VXR
The Cisco Mobile Wireless Home Agent and Cisco PDSN images operate on a Cisco 7206VXR Router with Cisco NPE-G1 Network Processing Engine.
Table 8 shows the recommended hardware configuration for a Cisco 7206VXR to support Cisco Mobile Wireless Home Agent or Cisco PDSN 3.0.
Table 8. Recommended Hardware Configuration for Cisco 7206VXR
Note: This is the configuration as tested in the Cisco lab. Any variations to this configuration should be discussed with your Cisco representative prior to ordering.
Cisco Mobile Wireless Home Agent and Cisco PDSN R3.0 on 7206VXR with 3DES Encryption
The Cisco Mobile Wireless Home Agent and Cisco PDSN Triple Data Encryption Standard (3DES) images operate on a Cisco 7206VXR with Cisco NPE-G1 Network Processing Engine with the Cisco VPN Acceleration Module 2 (SA-VAM2) or the Cisco VPN Acceleration Module 2+ (SA-VAM2+). One SA-VAM2 or SA-VAM2+ is required per chassis. IPSec operation is supported only with hardware acceleration.
Because the SA-VAM2 has reached end of life, any new Cisco 7206VXR configurations with IPSec are recommended to use the SA-VAM2+.
Table 9 shows the recommended hardware configuration for a Cisco 7206VXR to support Cisco Mobile Wireless Home Agent or Cisco PDSN Release 3.0 with IPSec.
Table 9. Recommended Hardware Configuration for Cisco 7206VXR to Support IPSec
Note: This is the configuration as tested in the Cisco lab. Any variations to this configuration should be discussed with your Cisco representative prior to ordering.
Cisco Mobile Wireless Home Agent and Cisco PDSN 3.0 on the Cisco 7600 Series
Cisco Mobile Wireless Home Agent and Cisco PDSN operate on separate Cisco MWAMs. They can be licensed by MWAM (five processors), or by processor (single image). Note that Cisco PDSN and home agent images cannot coexist on the same Cisco MWAM, though a home agent MWAM and a PDSN MWAM can coexist in the same chassis.
Cisco Mobile Wireless Home Agent and Cisco PDSN on the Cisco MWAM are supported with the Cisco Catalyst 6500/7600 Series Supervisor Engine 2 and the Multilayer Switch Feature Card (MSFC2), and the Cisco Catalyst 6500/7600 Series Supervisor Engine 720-3B and 720-3BXL. As the Supervisor Engine 2 is in the end-of-life process, the Supervisor Engine 720-3BXL is recommended for new orders. The 12.2.18-SXD3 or later software version must run on the Supervisor Engine 2; the 12.2.18-SXE1 or later software version must run on the Supervisor Engine 720-3B or 720-3BXL.
Table 10 shows the recommended hardware configuration for a Cisco 7613 Router to support Cisco Mobile Wireless Home Agent and/or Cisco PDSN 3.0. Recommended supervisor software is also included.
Table 10. Recommended Hardware Configuration for Cisco 7613 Router
If the Cisco PDSN or Cisco Mobile Wireless Home Agent Premium image is desired, the appropriate feature license to upgrade must also be ordered as an option to the Cisco PDSN or Cisco Mobile Wireless Home Agent Basic image:
|
Part Number |
Description |
Quantity |
|
FL-PREM30UP-PDSN FL-PREM30UP-HA FL-PR30UPSIM-PDSN FL-PREM30UPSIM-HA |
Home Agent or PDSN image upgrade Basic to Premium, full or single image |
x |
If the HA-SLB feature is desired, the following part number must also be ordered as an option to the Supervisor Engine image:
Depending on network configuration, a Fast Ethernet interface card can be ordered instead of Gigabit Ethernet interface. In this case, the following could be ordered instead of WS-X6408A-GBIC:
Note: This is the configuration as tested in the Cisco lab. Any variations to this configuration should be discussed with your Cisco representative prior to ordering.
Cisco Mobile Wireless Home Agent and Cisco PDSN 3.0 on the Cisco 7600 Series with DES3 Encryption
Cisco Mobile Wireless Home Agent and Cisco PDSN operate on one Cisco MWAM. They can be licensed by MWAM (five processors), or by processor (single image). Note that Cisco PDSN and Cisco Mobile Wireless Home Agent images cannot coexist on the same Cisco MWAM, though a home agent MWAM and a PDSN MWAM can coexist in the same chassis.
Cisco Mobile Wireless Home Agent and Cisco PDSN on the Cisco MWAM are supported with the Cisco Catalyst 6500/7600 Series Supervisor Engine 2 and the Multilayer Switch Feature Card (MSFC2), and the Cisco Catalyst 6500/7600 Series Supervisor Engine 720-3B and 720-3BXL. As the Supervisor Engine 2 is in the end-of-life process, the Supervisor Engine 720-3BXL is recommended for new orders. The 12.2.18-SXD3 or later software version must run on the Supervisor Engine 2; the 12.2.18-SXE1 or later software version must run on the Supervisor Engine 720-3B or 720-3BXL.
One IPSec VPN security module, or one IPSec VPN Shared Port Adaptor, is required per chassis. Because the IPSec VPN-SM has reached end of life, any new Cisco MWAM configurations with IPSec are recommended to use the IPSec VPN-SPA. A minimum of one SPA Carrier-400 and one IPSec VPN Shared Port Adapter is required. IPSec operation is supported only with hardware acceleration.
The same Cisco Mobile Wireless Home Agent and Cisco PDSN images support both non-IPSec and IPSec operation.
Table 11 lists the recommended hardware configuration for a Cisco 7613 Router to support Cisco Mobile Wireless Home Agent and/or Cisco PDSN 3.0 with 3DES encryption. Recommended supervisor engine software is also included.
Table 11. Recommended Hardware Configuration for Cisco 7613 Router with 3DES
If the Cisco PDSN or Cisco Mobile Wireless Home Agent Premium image is desired, the appropriate feature license to upgrade must also be ordered as an option to the Cisco PDSN or Cisco Mobile Wireless Home Agent Basic image:
|
Part Number |
Description |
Quantity |
|
FL-PREM30UP-PDSN FL-PREM30UP-HA FL-PR30UPSIM-PDSN FL-PREM30UPSIM-HA |
Home Agent or PDSN image upgrade Basic to Premium, full or single image |
x |
If the HA-SLB feature is desired, the following part number must also be ordered as an option to the supervisor engine software image:
Depending on network configuration, a Fast Ethernet interface card can be ordered instead of Gigabit Ethernet interface. In this case, the following could be ordered instead of WS-X6408A-GBIC:
Note: This is the configuration as tested in the Cisco lab. Any variations to this configuration should be discussed with your Cisco representative prior to ordering.