Cisco Prime Access Registrar (Prime Access Registrar) is a high performance, carrier class, 3GPP-compliant, 64-bit RADIUS/Diameter solution that provides scalable, flexible, intelligent authentication, authorization, and accounting (AAA) services.
Prime Access Registrar comprises a RADIUS/Diameter server designed from the ground up for performance, scalability, and extensibility for deployment in complex service provider environments including integration with external data stores and systems. Session and resource management tools track user sessions and allocate dynamic resources to support new subscriber service introductions.
Note Prime Access Registrar can be used with Red Hat Enterprise Linux (RHEL) 6.6/7.0/7.2/7.4/7.5/7.7 and CentOS 6.5 64-bit operating systems using kernel and Glibc.
This release note contains the following sections:
This section describes the system requirements to install and use the Prime Access Registrar software.
Table 1 lists the system requirements for Prime Access Registrar 8.0.3.
Table 1 Minimum Hardware and Software Requirements for Prime Access Registrar Server
Intel Xeon CPU 2.30 GHz
Prime Access Registrar supports JDK versions 1.7 and 1.8.
Note These are the minimum system requirements to have Prime Access Registrar up and running. This may vary based on the deployments. Please contact your BU team to know the specific system requirements for your deployment.
Co-Existence With Other Network Management Applications
To achieve optimal performance, Prime Access Registrar should be the only application running on a given server. In certain cases, when you choose to run collaborative applications such as a SNMP agent, you must configure Prime Access Registrar to avoid UDP port conflicts. The most common conflicts occur when other applications also use ports 2785 and 2786. For more information on SNMP configuration, see the “Configuring SNMP” section in the “Configuring Cisco Prime Access Registrar” chapter of the Cisco Prime Access Registrar 8.0 Administrator Guide.
Enhanced Features in Cisco Prime Access Registrar 8.0.3
Cisco Prime Access Registrar 8.0.3 provides the following enhancements:
Prime Access Registrar supports queue-based throttling for Diameter transactions. Using this feature, Prime Access Registrar utilizes one-third of its input queue exclusively for incoming requests. The input queue is determined by the parameter MaximumNumberofDiameterPackets configured under /Radius/Advanced/Diameter/TransportManagement.
Rest of the queue is utilized for other outgoing call flows and incoming responses from and to Cisco Prime Access Registrar.
If the number of requests flowing into Prime Access Registrar goes beyond one third of the configured parameter value, Cisco Prime Access Registrar responds with a server busy error (Diameter error code: 3004).
TCP Buffer Read/Write Configuration Support
With this enhancement, Prime Access Registrar allows you to configure TCP read/write buffers that can be applied for TCP connections appropriately to a specific remote server. New parameters are added to Diameter client and remote server configurations to support this feature:
Diameter remote server:
TCP-ReadBuffer—Allows you to configure read buffer socket options for TCP connections initiated to the remote server.
TCP-WriteBuffer—Allows you to configure write buffer socket options for TCP connections initiated to the remote server.
TCP-ReadBuffer—Allows you to configure read buffer socket options for TCP connections.
TCP-WriteBuffer—Allows you to configure write buffer socket options for TCP connections.
Note When the parameter is set to zero, default kernel settings will take effect.
Logging User IP Information
Prime Access Registrar provides an option to capture the username as part of the aregcmd_log during login failures. The following parameter is added under /Radius/Advanced to support this feature:
DisplayUserForFailedLogin—If this option is enabled, during login failures, username is captured along with the failure reason as part of the aregcmd_log.
Also, for all the configuration, login, and logout activities, Prime Access Registrar displays the end user IP in the aregcmd_log. With this enhancement, Prime Access Registrar will start logging the end user’s IP address, which is the immediate first hop IP for every aregcmd activity.
Preallocate Memory for Processing Queue Enhancement
This enhancement allows initializing Prime Access Registrar processing queue proportional to the input queue, which is the MaximumNumberofDiameterPackets value configured under /Radius/Advanced/Diameter/TransportManagement. This enables better traffic handling for Prime Access Registrar soon after startup.
Support for Logging Timeout Packets
With this enhancement, Prime Access Registrar starts logging information about all packets that timeout i.e. packets which are not responded to within the specified timeout period.
A sample log file content is provided below:
07/04/2020 14:08:35.904 name/radius/1 Info System 0 Remote Server REM_76 has not responded Cmd code: 303 request for user-name 97000000051 in 1 try
Session Container Capacity Configuration
With this enhancement, Prime Access Registrar session containers are initialized to hold the number of sessions based on a configurable parameter value, thereby enabling on-demand growth from thereon. Following parameter is added under /Radius/Advanced to support this feature:
InitialSessionBufferSize—Administrator can configure the estimated session capacity, which that particular Prime Access Registrar instance can hold. This indicates the average or estimated value and not the maximum capacity. Setting this to a larger value impacts the startup performance. Setting this value to zero, will disable preallocation and enable on-demand growth of the container.
Enhancement in Blade Switchover Startup Processing
In a cluster environment, during blade switchover scenarios, Prime Access Registrar startup was impacting traffic handling. This enhancement improves Prime Access Registrar startup process during blade switchover scenarios.
Logging System Statistics
With this enhancement, Prime Access Registrar allows you to collect following statistics data for a configured duration:
Throttled Packets Count
A new parameter SystemStatsLogFrequencyInSecs is added under /Radius/Advanced/Diameter/TransportManagement, which when set to a non-zero value, allows you to log the above statistics for the configured duration. By default this value is set to zero. The system statistics are saved in the system_stats_log file.
Fixed Anomalies in Cisco Prime Access Registrar 8.0.3
Table 2 lists the anomalies fixed in Prime Access Registrar 8.0.3 release.
Table 2 Fixed Anomalies in Prime Access Registrar 8.0.3
Session Termination Request (STR) request with Termination-Cause Diameter_BAD_ANSWER to be handled properly.
Clearance trap is not generated for OtherAuthServerNotRespondingTrap,after successful DRA connection.
Handling the remote server delete state assert during socket send failure.
When EnableLocationCapability is enabled, radius memory increases.
WebGUI is throwing LicenseNotValidException on login when UISessionTimeout is set to a non-zero value.
Known Anomaly in Cisco Prime Access Registrar 8.0.3
Table 3 lists the known anomaly in Prime Access Registrar 8.0.3 release.
Table 3 Known Anomaly in Prime Access Registrar 8.0.3
Configurations not available in GUI.
Using the Bug Search Tool
Use the Bug Search tool (BST) to get the latest information about Cisco Prime Access Registrar bugs. BST allows partners and customers to search for software bugs based on product, release, and keyword, and it aggregates key data such as bug details, product, and version.
BST allows you to:
Quickly scan bug content
Configure e-mail notifications for updates on selected bugs
Start or join community discussions about bugs
Save your search criteria so you can use it later
When you open the Bug Search page, check the interactive tour to familiarize yourself with these and other Bug Search features.
Step 2 To search for a specific bug, enter the bug ID in the Search For field and press Return.
Step 3 To search for bugs in a particular release:
a. In the Search For field, enter the product name and the release version, e.g. Cisco Prime Access Registrar 8.0.3, and press Return. (Leave the other fields empty.)
b. When the search results are displayed, use the filter and sort tools to find the types of bugs you are looking for. You can search for bugs by severity, by status, how recently they were modified, according to the number of support cases associated with them, and so forth.
Note We sometimes update the documentation after original publication. Therefore, you should also review the documentation on Cisco.com for any updates.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1721R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.