PDF(566.9 KB) View with Adobe Reader on a variety of devices
Updated:April 1, 2020
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Cisco Prime Access Registrar (Prime Access Registrar) is a high performance, carrier class, 3GPP-5G-DNAAA compliant, 64-bit RADIUS/Diameter solution that provides scalable, flexible, intelligent authentication, authorization, and accounting (AAA) services.
Prime Access Registrar comprises a RADIUS/Diameter server designed from the ground up for performance, scalability, and extensibility for deployment in complex service provider environments including integration with external data stores and systems. Session and resource management tools track user sessions and allocate dynamic resources to support new subscriber service introductions.
Note Prime Access Registrar can be used with Red Hat Enterprise Linux (RHEL) version 6.6 and above and CentOS version 6.5 and above.
This release note contains the following sections:
This section describes the system requirements to install and use the Prime Access Registrar software.
Table 1 lists the system requirements for Prime Access Registrar 9.0.
Table 1 Minimum Hardware and Software Requirements for Prime Access Registrar Server
RHEL 6.6 and above
CentOS 6.5 and above
Intel Xeon CPU 2.30 GHz
Prime Access Registrar supports JDK versions 1.7 and 1.8 from release 7.3 onwards.
Co-Existence With Other Network Management Applications
To achieve optimal performance, Prime Access Registrar should be the only application running on a given server. In certain cases, when you choose to run collaborative applications such as a SNMP agent, you must configure Prime Access Registrar to avoid UDP port conflicts. The most common conflicts occur when other applications also use ports 2785 and 2786. For more information on SNMP configuration, see the “Configuring SNMP” section in the “Configuring Cisco Prime Access Registrar” chapter of the Cisco Prime Access Registrar 9.0 Administrator Guide.
New and Enhanced Features in Cisco Prime Access Registrar 9.0
Cisco Prime Access Registrar 9.0 provides the following features:
Note Smart Licensing is not supported in Prime Access Registrar version 9.0 and hence Smart PIDs will not be available for this release (Caveat reference: CSCvq23952).
Enhanced IP Allocation in Cisco Prime Access Registrar
In the previous versions of Prime Access Registrar, IP allocation happens internally based on a specific range of IPs configured. If there are multiple Prime Access Registrars in a deployment, each Prime Access Registrar server will have different range of IPs configured and can allocate/de-allocate IPs only within that specific range. Prime Access Registrar cannot allocate IPs from a common pool. This is addressed by the enhanced IP allocation feature.
With this feature, IP ranges will be read from the configuration and the common IP pools will be maintained in a centralized Mongo Database (MongoDB). Any Prime Access Registrar server which is connected to the DB can allocate an available IP for a user from the common IP pools. When the user disconnects, the IP is released back to the pool again. Along with the IP pools, the user sessions will also be maintained in centralized MongoDB.
With the enhanced IP allocation feature, IPV6 address allocation is also supported.
Prime Access Registrar is 5G Data Network-AAA (DN-AAA) compliant based on the spec 3GPP TS 29.561 V15.1.0. Further enhancements are made to support this functionality as given below:
DN-AAA server-specific RADIUS and Diameter attributes are added in the dictionary and carried in the corresponding messages.
N6-specific AVPs and Experimental-Result-Code are added in the corresponding dictionary.
With respect to accounting traffic, the release of IPv4 address and/or IPv6 prefix is notified to the DN-AAA server by sending RADIUS Accounting-Request Interim-Update without the Framed-IP-Address and/or Framed-Ipv6-Prefix attribute.
Prime Access Registrar checks the 3GPP-Notification AVP and if the first bit of the third octet is set, then IP address is not allocated.
Accounting ON and OFF is expected from Session Management Function (SMF) to ensure the synchronization of session information.
Support is provided to trigger Re-Auth-Request (RAR) and Abort-Session-Request (ASR) when there is no integration with HSS for non-SIM based subscribers.
3GPP-Teardown-Indicator is added to the RADIUS Disconnect Request message indicating the SMF that all QoS flows for the particular user and sharing the same user session will be deleted.
Tracking 5G Packet Flows in Prime Access Registrar
New environment variable and Diameter stats counters are introduced to track the 5G packet flows in Prime Access Registrar. EnableMatchingServiceSelection5GFlag variable provides a flexibility to decide if you want to check the Interworking-5GS-Indicator AVP in the APN configuration of matching Service-Selection. The value must be set to 1 in the remote server incoming script to enable this flag.
Table 2 lists the new Diameter stats counters introduced for this feature.
Table 2 Diameter Stats Counters to Track 5G Packet Flows
Diameter Peer Stats
Number of DEA messages with Interworking-5GS-Indicator AVP that are sent to the peer.
The Interworking-5GS-Indicator AVP is present in the DEA packet to differentiate it as a 5G packet.
This will help in understanding the 5G DEA message flow in Prime Access Registrar.
Note If the environment variable EnableMatchingServiceSelection5GFlag is set to 1, the cdbpPeerStats5GIndicatorDEAsOut counter is updated only if the Interworking-5GS-Indicator AVP is present in the APN configuration of matching Service-Selection.
Diameter Remote Server Stats
Number of Server-Assignment-Answer (SAA) messages with Interworking-5GS-Indicator AVP that are received by the remote server. The Interworking-5GS-Indicator AVP is present in the SAA packet to differentiate it as a 5G packet.
This will help in understanding the 5G SAA message flow in Prime Access Registrar.
Note If the environment variable EnableMatchingServiceSelection5GFlag is set to 1, the cDiaRemSvrStats5GIndicatorSAAsIn counter is updated only if the Interworking-5GS-Indicator AVP is present in the APN configuration of matching Service-Selection.
Number of failed Server-Assignment-Request (SAR) messages with Interworking-5GS-Indicator AVP, that are received by the remote server.
Cisco Prime Access Registrar 9.0 Bugs
For information on a specific bug or to search all bugs in a particular Prime Access Registrar release, see Using the Bug Search Tool.
Fixed Anomalies in Cisco Prime Access Registrar 18.104.22.168
Table 6 lists the anomalies fixed in Prime Access Registrar 22.214.171.124 release.
Table 6 Fixed Anomalies in Prime Access Registrar 126.96.36.199
Client throttling is dropping response packets in DRA mode.
Tag value is not set properly for vendor specific attributes of type TAG_STRING.
Upgrade failed from 188.8.131.52 to higher version.
Fixed Anomalies in Cisco Prime Access Registrar 184.108.40.206
Table 7 lists the anomalies fixed in Prime Access Registrar 220.127.116.11 release.
Table 7 Fixed Anomalies in Prime Access Registrar 18.104.22.168
Interworking-5GS-Indicator AVP code to be changed in Prime Access Registrar CLI.
Reactivation not happening when the diameter connection is closed for the remote server randomly.
Using the Bug Search Tool
Use the Bug Search tool (BST) to get the latest information about Cisco Prime Access Registrar bugs. BST allows partners and customers to search for software bugs based on product, release, and keyword, and it aggregates key data such as bug details, product, and version.
BST allows you to:
Quickly scan bug content
Configure e-mail notifications for updates on selected bugs
Start or join community discussions about bugs
Save your search criteria so you can use it later
When you open the Bug Search page, check the interactive tour to familiarize yourself with these and other Bug Search features.
Step 2 To search for a specific bug, enter the bug ID in the Search For field and press Return.
Step 3 To search for bugs in a particular release:
a. In the Search For field, enter the product name and the release version, e.g. Cisco Prime Access Registrar 9.0, and press Return. (Leave the other fields empty.)
b. When the search results are displayed, use the filter and sort tools to find the types of bugs you are looking for. You can search for bugs by severity, by status, how recently they were modified, according to the number of support cases associated with them, and so forth.
Note We sometimes update the documentation after original publication. Therefore, you should also review the documentation on Cisco.com for any updates.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1721R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.