 Feedback
|
Table Of Contents
Cisco PDSN Command Reference for IOS Release 12.4(15)XN
cdma pdsn a10 always-on keepalive
cdma pdsn a10 init-ppp-after-airlink-start airlink-start-timeout
cdma pdsn a10 police downstream
cdma pdsn a11 dormant ppp-idle-timeout send-termreq
cdma pdsn a11 dormant sdb-indication gre-flags
cdma pdsn a11 dormant sdb-indication match-qos-group
cdma pdsn a11 mandate presence airlink-setup
cdma pdsn a11 receive de-reg send-termreq
cdma pdsn a11 reject airlink-start active
cdma pdsn a11 reject airlink-stop dormant
cdma pdsn a11 session-update qos
cdma pdsn accounting local-timezone
cdma pdsn accounting prepaid threshold
cdma pdsn accounting send cdma-ip-tech
cdma pdsn accounting send ipv6-flows
cdma pdsn accounting send start-stop
cdma pdsn accounting time-of-day
cdma pdsn attribute send meid-optional
cdma pdsn cluster controller closed-rp
cdma pdsn cluster controller member periodic-update
cdma pdsn cluster controller session-high
cdma pdsn cluster controller session-low
cdma pdsn cluster member periodic-update
cdma pdsn cluster member prohibit administratively
cdma pdsn compliance iosv4.1 session-reference
cdma pdsn debug show-conditions
cdma pdsn ingress-address-filtering
cdma pdsn mobile-advertisement-burst
cdma pdsn pcf default closed-rp
cdma pdsn redundancy accounting send vsa swact
cdma pdsn redundancy accounting update-periodic
cdma pdsn retransmit a11-update
cdma pdsn selection load-balancing
cdma pdsn selection session-table-size
cdma pdsn timeout mobile-ip-registration
clear cdma pdsn cluster controller session record age
clear cdma pdsn cluster controller statistics
clear cdma pdsn cluster member statistics
clear cdma pdsn redundancy statistics
debug cdma pdsn accounting flow
debug cdma pdsn accounting time-of-day
debug cdma pdsn radius disconnect nai
debug cdma pdsn redundancy attributes
debug cdma pdsn redundancy errors
debug cdma pdsn redundancy events
debug cdma pdsn redundancy packets
debug cdma pdsn resource-manager
debug cdma pdsn service-selection
ip mobile authentication ignore-spi
ip mobile foreign-service revocation
ip mobile registration-lifetime
show cdma pdsn accounting detail
show cdma pdsn accounting session
show cdma pdsn accounting session detail
show cdma pdsn accounting session flow
show cdma pdsn accounting session flow user
show cdma pdsn cluster controller
show cdma pdsn cluster controller configuration
show cdma pdsn cluster controller member
show cdma pdsn cluster controller session
show cdma pdsn cluster controller statistics
show cdma pdsn redundancy statistics
show cdma pdsn statistics prepaid
show ip mobile cdma ipsec profile
snmp-server enable traps ipmobile
Cisco PDSN Command Reference for IOS Release 12.4(15)XN
This section lists new and revised commands pertaining to the PDSN software. All other commands used with this feature are documented in the Cisco IOS Release 12.3 command reference publications.
•
cdma pdsn a10 always-on keepalive
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
access list
To configure the access list mechanism for filtering frames by protocol type or vendor code, use the access-list global configuration command. Use the no form of this command to remove the single specified entry from the access list.
access-list access-list-number {permit | deny} {type-code wild-mask | address mask}
no access-list access-list-number {permit | deny} {type-code wild-mask | address mask}
Syntax Description
Defaults
No numbered encryption access lists are defined, and therefore no traffic will be encrypted/decrypted. After being defined, all encryption access lists contain an implicit "deny" ("do not encrypt/decrypt") statement at the end of the list.
Command Modes
Global configuration
Command History
Usage Guidelines
Use encryption access lists to control which packets on an interface are encrypted/decrypted, and which are transmitted as plain text (unencrypted).
When a packet is examined for an encryption access list match, encryption access list statements are checked in the order that the statements were created. After a packet matches the conditions in a statement, no more statements will be checked. This means that you need to carefully consider the order in which you enter the statements.
To use the encryption access list, you must first specify the access list in a crypto map and then apply the crypto map to an interface, using the crypto map (CET global configuration) and crypto map (CET interface configuration) commands.
Fragmented IP packets, other than the initial fragment, are immediately accepted by any extended IP access list. Extended access lists used to control virtual terminal line access or restrict contents of routing updates must not match the TCP source port, the type of service value, or the packet's precedence.
Note
Caution
Note
Examples
The following example creates a numbered encryption access list that specifies a class C subnet for the source and a class C subnet for the destination of IP packets. When the router uses this encryption access list, all TCP traffic that is exchanged between the source and destination subnets will be encrypted.
access-list 101 permit tcp 172.21.3.0 0.0.0.255 172.22.2.0 0.0.0.255cdma pdsn a10 ahdlc engine
To limit the number of Asynchronous High-Level Data Link Control (AHDLC) channel resources provided by the AHDLC engine, use the cdma pdsn a10 ahdlc engine command to in global configuration mode. To reset the number of AHDLC channel resources to the default, use the no form of this command.
cdma pdsn a10 ahdlc engine slot usable-channels usable-channels
no cdma pdsn a10 ahdlc engine slot usable-channels
Syntax Description
Defaults
The default number of usable channels equals the maximum channels supported by the engine; the c-5 images supports 8000 sessions, and all c-6 image support 20000 sessions.
Command Modes
Global configuration
Command History
12.2(2)XC
This command was introduced.
12.2(8)BY
The maximum number of usable channels was increased to 20000.
Usage Guidelines
If the value of usable-channels is greater than default maximum channels provided by the engine, the command will fail.
If the engine has any active channels, the command will fail.
Examples
The following example limits the number of service channels provided by the AHDLC engine to 1000:
cdma pdsn a10 ahdlc engine 0 usable-channels 1000Related Commands
cdma pdsn a10 ahdlc trailer
To enable the PDSN so that AHDLC frames are expected to contain trailer byte, use the cdma pdsn a10 ahdlc trailer command to in global configuration mode. To disable the PDSN so that AHDLC processing does not expect the AHDLC trailer (0x7e), use the no form of this command.
cdma pdsn a10 ahdlc trailer
no cdma pdsn a10 ahdlc trailer
Syntax Description
There are no arguments or keywords for this command.
Defaults
The default behavior is that trailer byte 0x7e is expected in the AHDLC frames.
Command Modes
Global configuration
Command History
Usage Guidelines
When the no version of the command is configured, each AHDLC frame is considered a full AHDLC fragment, and the PDSN will start processing the packet.
Examples
The following example disables the PDSN so that AHDLC processing does not expect the AHDLC trailer:
Router (config)# no cdma pdsn a10 ahdlc trailercdma pdsn a10 always-on keepalive
To alter the default always-on service parameters, use the cdma pdsn a10always-on keepalive command in global configuration mode. To return to the default values, use the no form of this command.
cdma pdsn a10 always-on keepalive {interval 1-65535 [attempts 0-255] | attempts 0-255}
no cdma pdsn a10 always-on keepalive {interval 1-65535 [attempts 0-255] | attempts 0-255}
Syntax Description
Defaults
The Always On feature is enabled by default. The default value for interval is 3, and the default value for attempts is 3.
Command Modes
Global configuration
Command History
cdma pdsn a10 init-ppp-after-airlink-start airlink-start-timeout
To configure the PDSN so that Point-to-Point Protocol (PPP) negotiation with an MN will start only after the traffic channel is assigned, (in other words, after a Registration Request with airlink-start is received), use the cdma pdsn a10 init-ppp-after-airlink-start command in global configuration mode. Use the no form of this command to revert to the default behavior.
cdma pdsn a10 init-ppp-after-airlink-start airlink-start-timeout 1-120
no cdma pdsn a10 init-ppp-after-airlink-start airlink-start-timeout 1-120
Syntax Description
Defaults
By default, this CLI is not enabled, therefore, the PDSN will initiate PPP negotiation immediately after a Registration Reply is sent to the initial Registration.Request.
When enabled, the default timeout interval is 10 seconds.
Command Modes
Global configuration
Command History
Usage Guidelines
The PDSN initiates PPP negotiation immediately after a Registration Reply is sent to the initial Registration Request, but the calls (for which the PPP negotiation has started before the traffic channel is assigned to MN) have failed.
When this command is enabled, the PPP negotiation with the MN will start only after the traffic channel is assigned—after a Registration Request with airlink-start is received. If the airlink start is not received at all, the session will be torn down when timeout occurs.By default, this timeout interval is 10 seconds, or can be configured through the CLI.
The session is not torn down immediately after the timeout, so, in order to minimize the impact on the performance, there is just one timer started to keep track of all the sessions waiting for airlink-start to start PPP.
For example, with a default of 10 seconds, if the timer expires at t1 and a new call comes at t2(t2 >t1), the next run of the timer will be at t1+10. It is likely that the uptime for the call is not more than 10 seconds since t2 > t1. So the call will be checked at the next run (t1+10+10). Thus, the variation is between 1 and 10.
Examples
The following example illustrates the cdma pdsn a10 init-ppp-after-airlink-start airlink-start-timeout command:
router# cdma pdsn a10 init-ppp-after-airlink-start airlink-start-timeout 20cdma pdsn a10 gre sequencing
To enable inclusion of Generic Routing Encapsulation (GRE) sequence numbers in the packets sent over the A10 interface, use the cdma pdsn gre sequencing command in global configuration mode. To disable the inclusion of GRE sequence number in the packets sent over the A10 interface, use the no form of this command.
cdma pdsn a10 gre sequencing
no cdma pdsn a10 gre sequencing
Syntax Description
This command has no arguments or keywords.
Defaults
GRE sequence numbers are included in the packets sent over the A10 interface.
Command Modes
Global configuration
Command History
Examples
The following example instructs Cisco PDSN to include per-session GRE sequence numbers in the packets sent over the A10 interface:
router# cdma pdsn a10 gre sequencingRelated Commands
cdma pdsn a10 max-lifetime
To specify the maximum A10 registration lifetime accepted, use the cdma pdsn a10 max-lifetime command in global configuration mode. To return to the default length of time, use the no form of this command.
cdma pdsn a10 max-lifetime seconds
no cdma pdsn a10 max-lifetime
Syntax Description
seconds
Maximum A10 registration lifetime accepted by Cisco PDSN. The range is 1 to 65535 seconds. The default is 1800 seconds.
Defaults
1800 seconds.
Command Modes
Global configuration
Command History
Examples
The following example specifies that the A10 interface will be maintained for 1440 seconds:
router# cdma pdsn a10 max-lifetime 1440Related Commands
cdma pdsn a10 police downstream
To enable policing of down stream data traffic for the session, use the cdma pdsn a10 police downstream command in global configuration mode. To disable this feature, use the no form of this command.
cdma pdsn a10 police downstream
no cdma pdsn a10 police downstream
Syntax Description
There are no keywords or variable for this command.
Defaults
The default value is that policing is not applied for downstream packets.
Command Modes
Global configuration
Command History
Examples
router(config)# cdma pdsn a10 police downstream
cdma pdsn a11 dormant ppp-idle-timeout send-termreq
To specify that for dormant sessions, on PPP idle timeout, PPP termreq will be sent, use the cdma pdsn all dormant ppp-idle-timeout send-termreq command in global configuration mode. To disable this feature, use the no form of this command.
cdma pdsn all dormant ppp-idle-timeout send-termreq
no cdma pdsn all dormant ppp-idle-timeout send-termreq
Syntax Description
There are no keywords or variable for this command.
Defaults
There are no default values.
Command Modes
Global configuration
Command History
Usage Guidelines
Disabling this behavior will avoid traffic channel allocation for cleaning up ppp sessions at the mobile.
Examples
router# cdma pdsn a11 dormant ppp-idle-timeout send-termreq
cdma pdsn a11 dormant sdb-indication gre-flags
To configure the PDSN so that all packets that are set with the specific group-number will be flagged for SDB usage between the PCF and the PDSN, use the cdma pdsn a11 dormant sdb-indication gre-flags command in global configuration mode. To disable this feature, use the no form of the command.
cdma pdsn a11 dormant sdb-indication gre-flags group-number
no cdma pdsn a11 dormant sdb-indication gre-flags group-number
Syntax Description
Defaults
There are no default values.
Command Modes
Global configuration
Command History
Usage Guidelines
The B bit (SDB indication) would be set for packets matching the sdb-indication group-number.
Examples
router# cdma pdsn a11 dormant sdb-indication gre-flags 12
cdma pdsn a11 dormant sdb-indication match-qos-group
To configure the PDSN to use SDBs to deliver PPP control packets for Always-On sessions, where the session is dormant, use the cdma pdsn a11 dormant sdb-indication match-qos-group command in global configuration mode. Use the no form of this command to disable this feature.
cdma pdsn a11 dormant sdb-indication match-qos-group group-number ppp-ctrl-pkts
no cdma pdsn a11 dormant sdb-indication match-qos-group group-number ppp-ctrl-pkts
Syntax Description
Defaults
There are no default values.
Command Modes
Global configuration
Command History
Usage Guidelines
While data packets can be sent towards the mobile using SDBs, SDBs can also be used to deliver PPP control packets. This method can be particularly helpful for Always-On sessions, where the session is dormant. Basically, with Always On configured, the PDSN sends out LCP echo requests (and waits for LCP echo replies) to keep the session alive. As a result, when such a session goes dormant, a data channel needs to be setup to deliver these LCP echo requests to the MN. The other option is to use SDBs to deliver the LCP echo requests without setting up a data channel.
Examples
The following example illustrates the cdma pdsn a11 dormant sdb-indication match-qos-group command:
router(config)# cdma pdsn a11 dormant sdb-indication match-qos-group 14 ppp-ctrl-pktscdma pdsn a11 mandate presence airlink-setup
To mandate that the initial RRQ should have Airlink-Setup in Acct CVSE from PCF, use the cdma pdsn all mandate presence airlink-setup command in global configuration mode. To disable this feature, use the no form of this command.
cdma pdsn a11 mandate presence airlink-setup
no cdma pdsn a11 mandate presence airlink-setup
Syntax Description
This command has no keywords or variables.
Defaults
There are no default values.
Command Modes
Global configuration
Command History
Usage Guidelines
Issuing this command mandates that the initial RRQ should have Airlink-Setup in Acct CVSE from PCF. As a result, if this Airlink setup is not present in the RRQ, the session is not created, and a RRP with error code "86H - Poorly formed request" is returned.
If you do not configure this command, or disable it, then sessions can be opened even with no accounting CVSE being present in the initial RRQ.
Examples
router# cdma pdsn a11 mandate presence airlink-setup
cdma pdsn a11 receive de-reg send-termreq
To enable the PDSN to send an LCP TermReq to the Mobile Node when it receives a A11 de-registration message from the PCF, use the cdma pdsn a11 receive de-reg send-termreq command in global configuration mode. To disable this feature, use the no form of the command.
cdma pdsn a11 receive de-reg send-termreq
no cdma pdsn a11 receive de-reg send-termreq
Syntax Description
There are no arguments or keywords for this command.
Defaults
There are no default values.
Command Modes
Global configuration
Command History
Examples
The following example enables the PDSN to send an LCP TermReq to the Mobile Node when it receives a A11 de-registration message from the PCF:
router (config)# cdma pdsn a11 receive de-reg send-termreqcdma pdsn a11 reject airlink-start active
To enable the PDSN to send RRP (with error code "86H-Poorly formed request") when the RRQ is received with airlink-start in the Acct CVSE from PCF for an active session, use the cdma pdsn a11 reject airlink-start active command in global configuration mode. To disable this function, use the no form of the command.
cdma pdsn a11 reject airlink-start active
no cdma pdsn a11 reject airlink-start active
Syntax Description
This command has no arguments or keywords.
Defaults
No default values.
Command Modes
Global configuration
Command History
Examples
The following example illustrates the cdma pdsn a11 reject airlink-start active command:
Router(config)# cdma pdsn a11 reject airlink-start activecdma pdsn a11 reject airlink-stop dormant
To enable the PDSN to send RRP (with error code "86H-Poorly formed request") when the RRQ is received with airlink-stop in the Acct CVSE from PCF for a dormant session, use the cdma pdsn a11 reject airlink-stop dormant command in global configuration mode. To disable this function, use the no form of the command.
cdma pdsn a11 reject airlink-stop dormant
no cdma pdsn a11 reject airlink-stop dormant
Syntax Description
This command has no arguments or keywords.
Defaults
No default values.
Command Modes
Global configuration
Command History
Examples
The following example illustrates the cdma pdsn a11 reject airlink-stop dormant command:
Router(config)# cdma pdsn a11 reject airlink-stop dormantcdma pdsn a11 session-update
To enable the A11 Session update feature on the PDSN, and to send an A11 session update for either the Always On, or RNPDIT (or both) attributes that are downloaded from the AAA during the authentication phase, use the cdma pdsn a11 session-update command in global configuration. Use the no form of the command to disable this feature.
cdma pdsn a11 session-update {[always-on] 1-10 [rn-pdit] 0-9}
no cdma pdsn a11 session-update {[always-on] [rn-pdit] 1-10}
Syntax Description
Defaults
The default timeout value is 3 seconds. The default retransmit number is 3.
Command Modes
Global configuration
Command History
Examples
The following example enables both the always-on and rn-pdit attributes:
Router(config)#cdma pdsn a11 session-update ?always-on Send Always-on indicator in A11 Session-Updatern-pdit Send RN-PDIT in A11 Session-Updatecdma pdsn a11 session-update qos
To enable sending a Subscriber QoS profile through an A11 session-update and A11 RRP, use the cdma pdsn a11 session-update qos command in global configuration mode. Use the no form of the command disable the feature. The existing timeout and retransmit a11 session-update configurations also apply to this command.
cdma pdsn a11 session-update qos
no cdma pdsn a11 session-update qos
Syntax Description
This command has no arguments or keywords.
Defaults
The default value is that subscriber qos is not sent in session update.
Command Modes
Global configuration
Command History
Examples
The following example illustrates how to configure the cdma pdsn a11 session-update qos command:
router(config)# cdma pdsn a11 session-update qoscdma pdsn accounting local-timezone
To specify the local time stamp for PDSN accounting events, use the cdma pdsn accounting local-timezone command in global configuration mode. To return to the default Universal Time (UTC), use the no form of this command.
cdma pdsn accounting local-timezone
no cdma pdsn accounting local-timezone
Syntax Description
This command has no arguments or keywords.
Defaults
UTC time, a standard based on GMT, is enabled.
Command Modes
Global configuration
Command History
Usage Guidelines
You must use the clock timezone hours-offset [minutes-offset] global configuration command to reflect the difference between local time and UTC time.
Examples
The following example sets the local time in Korea:
clock timezone KOREA 9cdma pdsn accounting local-timezoneRelated Commands
cdma pdsn accounting prepaid
To enable the Prepaid billing feature on PDSN, use the cdma pdsn accounting prepaid command in global configuration mode. To disable this feature, use the no form of the command.
cdma pdsn accounting prepaid [volume | duration]
no cdma pdsn accounting prepaid [volume | duration]
Syntax Description
volume
Specifies that quota metering on the PDSN will be volume-based.
duration
Specifies that quota metering on the PDSN will be duration-based.
Defaults
There are no default values for this command.
Command Modes
Global configuration
Command History
Usage Guidelines
Prepaid quota metering on the PDSN can be configured as volume-based only by enabling the volume keyword, or duration-based only by enabling the duration keyword. If no option is provided, both volume-based and duration-based metering are enabled on the PDSN, but only one can be effective at a time for one prepaid flow.
Note
Examples
The following example illustrates how to enable volume-based billing on the PDSN using the cdma pdsn accounting prepaid command:
router# cdma pdsn accounting prepaid volumecdma pdsn accounting prepaid threshold
To set the box-level threshold for all volume-based or duration-based prepaid flows on the PDSN, use the cdma pdsn accounting prepaid threshold command in global configuration mode. To disable this feature, use the no form of the command.
cdma pdsn accounting prepaid threshold [volume | duration] value
no cdma pdsn accounting prepaid threshold [volume | duration] value
Syntax Description
Defaults
There are no default values for this command.
Command Modes
Global configuration
Command History
Examples
The following example illustrates how to set the threshold for volume-based billing on the PDSN using the cdma pdsn accounting prepaid threshold command:
router# cdma pdsn accounting prepaid volume 80
router# cdma pdsn accounting prepaid duration 75
cdma pdsn accounting send cdma-ip-tech
To configure specific values for the F11 attribute for proxy Mobile IP and VPDN services, use the cdma pdsn accounting send cdma-ip-tech command in global configuration mode. To deconfigure those values, use the no form of this command.
cdma pdsn accounting send cdma-ip-tech [proxy-mobile-ip | vpdn]
no cdma pdsn accounting send cdma-ip-tech [proxy-mobile-ip | vpdn]
Syntax Description
proxy-mobile-ip
Sets the IP-Tech proxy-mobile-ip number. Values are 3-65535.
vpdn
Sets the IP-Tech vpdn number. Values are 3-65535.
Defaults
No default behavior or values.
Command Modes
Global configuration.
Command History
Examples
pdsn(config)#cdma pdsn accounting send cdma-ip-tech proxy-mobile-ip 3pdsn(config)#cdma pdsn accounting send cdma-ip-tech vpdn 4cdma pdsn accounting send ipv6-flows
To to control the number of flows and UDR records used for IPv4/IPv6 simultaneous sessions, use the cdma pdsn accounting send ipv6-flows command in global configuration mode. Use the no form of this command to disable this function.
cdma pdsn accounting send ipv6-flows number
no cdma pdsn accounting send ipv6-flows number
Syntax Description
number
Number of flows. The default value is 1, denoting shared flow. The range of values is 1-2.
Defaults
The default value of flows is 1, denoting a shared flow.
Command Modes
Global configuration
Command History
Usage Guidelines
The session will default to 1 flow for a simultaneous IPv4/IPv6 session, but 2 flows can be configured for a simultaneous session.
Examples
The following example illustrates the cdma pdsn accounting send ipv6-flows command:
router(config)# cdma pdsn accounting send ipv6-flows 2cdma pdsn accounting send start-stop
To cause the PDSN to send accounting records when the call transitions between active and dormant states, use the cdma pdsn accounting send start-stop command in global configuration mode. To stop sending accounting records, use the no form of this command.
cdma pdsn accounting send {start-stop | cdma-ip-tech}
no cdma pdsn accounting send {start-stop | cdma-ip-tech}
Syntax Description
start-stop
Informs the PDSN when to begin sending accounting records and when to stop sending them.
cdma-ip-tech
Accounting records are generated with special IP-Tech number.
Defaults
No default behavior or values.
Command Modes
Global configuration
Command History
Usage Guidelines
When this feature is enabled, the PDSN will send:
•
•
Examples
The following example starts sending PDSN accounting events:
cdma pdsn accounting send start-stopRelated Commands
cdma pdsn accounting time-of-day
To set the accounting information for specified times during the day, use the cdma pdsn accounting time-of-day command in global configuration mode. To disable the specification, use the no form of this command.
cdma pdsn accounting time-of-day hh:mm:ss
no cdma pdsn accounting time-of-day
Syntax Description
Defaults
No default behavior or values.
Command Modes
Global configuration
Command History
Usage Guidelines
This command is used to facilitate billing when a user is charged different prices based upon the time of the day. Up to ten different accounting triggers can be configured.
Examples
The following example sets an accounting trigger for 13:30:20:
cdma pdsn accounting time-of-day 13:30:30Related Commands
cdma pdsn age-idle-users
To configure the aging of idle users, use the cdma pdsn age-idle-users command. To stop aging out idle users, use the no form of this command.
cdma pdsn age-idle-users [minimum-age value]
no cdma pdsn age-idle-users
Syntax Description
minimum-age value
(Optional) The minimum number of seconds a user should be idle before they are a candidate for being aged out. Possible values are 1 through 65535.
Defaults
By default, no idle users are aged out.
Command Modes
Global configuration
Command History
Usage Guidelines
If no value is specified, the user that has been idle the longest will be aged out. If an age is specified and the user that has been idle the longest has not been idle for the specified value, then no users are aged out.
Examples
The following example sets a minimum age out value of 5 seconds:
cdma pdsn age-idle-users minimum-age 5cdma pdsn attribute send
To configure the attributes to be sent in an access-request or accounting request, use the cdma pdsn attribute send command in global configuration mode. To disable this feature and return to the default settings, use the no form of this command.
cdma pdsn attribute send {a1 {fa-chap | mip-rrq} | a2 {auth-req | fa-chap | mip-rrq} c5 {acct-reqs} | f11 {auth-req | fa-chap} | f15 {acct-reqs} | f16 {acct-reqs} | f5 {auth-req | fa-chap} | g1 {acct-start} | g2 {acct-start} | g17 | esn-optional | is835a}
no cdma pdsn attribute send {a1 {fa-chap | mip-rrq} | a2 {auth-req | fa-chap | mip-rrq} c5 {acct-reqs} | f11 {auth-req | fa-chap} | f15 {acct-reqs} | f16 {acct-reqs} | f5 {auth-req | fa-chap} | g1 {acct-start} | g2 {acct-start} | g17 | esn-optional | is835a}
Syntax Description
Defaults
No default values
Command Modes
Global configuration
Command History
12.3(8)XW
This command was introduced.
12.3(14)YX
The F11 attributes were introduced.
Usage Guidelines
Use this command to enable the optional attributes to be sent in access and accounting requests.
When attributes which have multiple options (for example, a1, which can be sent in fa-chap as well as mip-rrq), the configuration can be done in the following way as well,
cdma pdsn attribute send a1 fa-chap mip-rrq,similarly
cdma pdsn attribute send a1 auth-req mip-rrq fa-chapExamples
The following example enables the cdma pdsn attribute send command:
cdma pdsn attribute send a1 fa-chapThe attribute a1 will be sent in the access request during FA-CHAP
cdma pdsn attribute send a1 auth-reqThe attribute a2 will be sent in the access request during PPP PAP/CHAP
cdma pdsn attribute send a3
To include the MEID in Access Request, FA-CHAP, Mobile IP RRQs, use the cdma pdsn attribute send a3 command in the global configuration mode. To disable this feature, use the no form of the command.
cdma pdsn attribute send a3 {auth-req | fa-chap | mip-rrq}
no cdma pdsn attribute send a3 {auth-req | fa-chap | mip-rrq}
Syntax Description
auth-req
Send a3(MEID) in access request during pap/chap.
fa-chap
Send a3(MEID) in FA-CHAP.
mip-rrq
Send a3(MEID) in MobileIP RRQ.
Defaults
No default values
Command Modes
Global configuration
Command History
Examples
The following example illustrates how to include the MEID in FA-CHAP:
cdma pdsn attribute send a3 fa-chapcdma pdsn attribute send meid-optional
To include the MEID in the Accounting Requests and access requests, in FA-CHAP requests and MOIP- requests, use the cdma pdsn attribute send meid-optional command in global configuration mode. To disable this feature, use the no form of the command.
cdma pdsn attribute send meid-optional
no cdma pdsn attribute send meid-optional
Syntax Description
There are no arguments of keywords for this command.
Defaults
No default values
Command Modes
Global configuration
Command History
Usage Guidelines
If the MN is not equipped to send the MEID, it will not be included in the RRQ. In such circumstances, a blank string will be included in the Accounting Requests, and the access requests, FA-CHAP and MOIP-rrqs.
If the cdma pdsn attribute send meid-optional command is configured, the MEID is included in the Accounting Requests and access requests, in FA-CHAP requests and MOIP- requests, only if it is included in the RRQ.
Examples
The following example illustrates the cdma pdsn attribute send meid-optional command:
cdma pdsn attribute send meid-optionalcdma pdsn cluster controller
To configure the PDSN to operate as a cluster controller, and to configure various parameters on the cluster controller, use the cdma pdsn cluster controller command. To disable certain cluster controller parameters, use the no form of this command.
cdma pdsn cluster controller [ interface interface-name | timeout seconds [window number] | window number ]
no cdma pdsn cluster controller [ interface interface-name | timeout seconds [window number] | window number ]
Syntax Description
Defaults
The timeout default value is 300 seconds.
Command Modes
Global configuration
Command History
Examples
The following example enables the cdma cluster controller:
cdma pdsn cluster controller interface FastEthernet1/0cdma pdsn cluster controller closed-rp
To configure the VPDN group to be used to establish the L2TP tunnels between the controller and members for the Closed-RP Controller-Member clustering, use the cdma pdsn cluster controller closed-rp command in global configuration mode on the PDSN cluster controller. To remove this configuration, use the no form of the command.
cdma pdsn cluster controller closed-rp vpdn-group
no cdma pdsn cluster controller closed-rp vpdn-group
Syntax Description
Defaults
No default behavior or values.
Command Modes
Global Configuration
Command History
Usage Guidelines
The VPDN group to be used for controller-member L2TP tunnels must be present in the running configuration before this command is configured.
Examples
The following example illustrates the cdma pdsn cluster controller closed-rp command:
cdma pdsn cluster controller closed-rp vpdn-groupcdma pdsn cluster controller member periodic-update
To enable the periodic process to flush the dangling Session Records on the controller, use the cdma pdsn cluster controller member periodic-update command in Global configuration mode. Use the no form of the command to disable this process.
cdma pdsn cluster controller member periodic-update
no cdma pdsn cluster controller member periodic-update
Syntax Description
There are no arguments or keywords for this command.
Defaults
There are no default values.
Command Modes
Global configuration
Command History
Examples
The following example illustrates how to enable the cdma pdsn cluster controller member periodic-update command:
router(config)# cdma pdsn cluster controller member periodic-updatecdma pdsn cluster controller session-high
To generate an alarm when the controller reaches the upper threshold of the maximum number of sessions it can handle, use the cdma pdsn cluster member session-high command. To disable this feature, use the no form of this command.
cdma pdsn cluster controller session-high 1-1000000
no cdma pdsn cluster controller session-high 1-1000000
Syntax Description
Defaults
The range is 1-1000000. The configured value should be more than the lower threshold value. The default value is 200000.
Command Modes
Global configuration
Command History
Usage Guidelines
You should take into account the number of members in the cluster when you configure the high threshold. For example, if there are only 2 members in the cluster, the high threshold should be less than 40000.
Examples
The following example illustrates the cdma pdsn cluster controller session-high command:
Received SNMPv1 Trap:Community: publicEnterprise: cCdmaPdsnMIBNotifPrefixAgent-addr: 9.15.72.15Enterprise Specific trap.Enterprise Specific trap: 8Time Ticks: 9333960cCdmaServiceAffectedLevel.0 = major(3)cCdmaClusterSessHighThreshold.0 = 50cdma pdsn cluster controller session-low
To generate an alarm when the controller reaches the lower threshold of the sessions (hint to NOC that the system is being under utilized), use the cdma pdsn cluster member session-low command. To disable this feature, use the no form of this command.
cdma pdsn cluster controller session-low 1-999999
no cdma pdsn cluster controller session-low 1-999999
Syntax Description
Defaults
The range is 0-999999. The configured value should be less than the upper threshold value. The default value is 190000.
Command Modes
Global configuration
Command History
Usage Guidelines
You should take into account the number of members in the cluster when you configure the low threshold.
Examples
The following example illustrates the cdma pdsn cluster controller session-low command:
Received SNMPv1 Trap:Community: publicEnterprise: cCdmaPdsnMIBNotifPrefixAgent-addr: 9.15.72.15Enterprise Specific trap.Enterprise Specific trap: 9Time Ticks: 9330691cCdmaServiceAffectedLevel.0 = major(3)cCdmaClusterSessLowThreshold.0 = 10cdma pdsn cluster member
To configure the PDSN to operate as a cluster member, and to configure various parameters on the cluster member, use the cdma pdsn cluster member command. To disable certain cluster controller parameters, use the no form of this command.
cdma pdsn cluster member [controller ipaddr | interface interface-name | prohibit type
| queueing | timeout seconds [window number] | window number]no cdma pdsn cluster member [controller ipadd | interface interface-name | prohibit type
| queueing | timeout seconds [window number] | window number]Syntax Description
Defaults
The default timeout value for the cluster member is 300 seconds.
Command Modes
Global configuration
Command History
Usage Guidelines
The prohibit field enables a member to administratively rid itself of its load without service interruption. When enabled, the member is no longer given any new data sessions by the controller.
Examples
The following example enables a cdma pdsn cluster member:
cdma pdsn cluster member interface FastEthernet1/0cdma pdsn cluster member periodic-update
To enable sending only bulk-update on a member PDSN, use the cdma pdsn cluster member periodic-update command in Global configuration mode. To disable this feature, use the no form of the command.
cdma pdsn cluster member periodic-update time
no cdma pdsn cluster member periodic-update time
Syntax Description
time
The time between when the member sends periodic bulk-updates. The time can be between 300 to 3000 msecs.
Defaults
The default value is 1000 ms.
Command Modes
Global configuration
Command History
Examples
The following example illustrates the cdma pdsn cluster member periodic-update command:
router# cdma pdsn cluster member periodic-update 1000cdma pdsn cluster member prohibit administratively
To separate a member PDSN out of the cluster use the cdma pdsn cluster member prohibit administratively command in global configuration mode. To disable this feature, use the no form of the command.
cdma pdsn cluster member prohibit administratively
no cdma pdsn cluster member prohibit administratively
Syntax Description
This command has no arguments or keywords.
Defaults
There are no default values.
Command Modes
Global configuration.
Command History
Usage Guidelines
Note
The status of the member will be updated to the controller in a subsequent periodic keepalive reply message the member sends to the controller. When the controller receives the message, it does not select this member for any of the new incoming calls. The member PDSNs that are prohibited administratively can be displayed on the controller using the show cluster controller member prohibited administratively command.
Examples
The following command illustrates the use of the cdma pdsn cluster member prohibit administratively command.
router# cdma pdsn cluster member prohibit administrativelycdma pdsn compliance
To configure PDSN behavior to comply with various standards, use the cdma pdsn compliance command in global configuration mode. Use the no form of the command to disable this function.
cdma pdsn compliance [iosv4.1] [sdb] [is835a] [is835c]
no cdma pdsn compliance [iosv4.1] [sdb] [is835a] [is835c]
Syntax Description
Defaults
There are no default values for this command.
Command Modes
Global configuration
Command History
12.3(11)YF1
This command was introduced.
12.3(11)YF2
The sdb keyword was introduced.
Examples
The following example illustrates one instance of the cdma pdsn compliance command:
router# cdma pdsn compliance is835acdma pdsn compliance iosv4.1 session-reference
3GPP2 IOS version 4.2 mandates that the Session Reference ID in the A11 Registration Request is always set to 1. To configure the PDSN to interoperate with a PCF that is not compliant with 3GPP2 IOS version 4.2, use the cdma pdsn compliance iosv4.1 session-reference command in Global configuration mode. To disable this configuration, use the no form of this command.
cdma pdsn compliance iosv4.1 session-reference
no cdma pdsn compliance iosv4.1 session-reference
Syntax Description
This command has no arguments or keywords.
Defaults
Session Reference ID set to 1 in the A11 registration Request is on by default.
Command Modes
Global configuration.
Command History
Examples
The following command instructs the PDSN to skip any checks done on the session reference id of incoming Registration Requests to ensure that they are set to 1.
router # cdma pdsn compliance iosv4.1 session-referenceRelated Commands
debug cdma pdsn a11
Displays debug messages for A11 interface errors, events, and packets.
cdma pdsn debug show-conditions
To configure the PDSN to print the username/IMSI along with the debugs even without configuring conditional debugging, use the cdma pdsn debug show-conditions command in global configuration mode. Use the no form of the command to disable this function.
Syntax Description
This command has no arguments or keywords.
Defaults
The default value is disabled.
Command Modes
Global configuration
Command History
Usage Guidelines
When the debug conditions match, every line of the debug message is pre-pended with either the username or the IMSI (not both), depending on the condition set.
This behavior is controlled through the cdma pdsn debug show-condition and ip mobile debug include username commands. If conditional debugging is enabled without these CLI being configured, the username/IMSI will not be displayed in the debugs. However, if the above CLIs are configured without configuring conditional debugging, the username/IMSI is printed along with the debugs.
Examples
The following example enables username and IMSI printing in the debugs:
router(config)#cdma pdsn debug show-conditioncdma pdsn failure-history
To configure CDMA PDSN SNMP session failure history size, use the cdma pdsn failure-history command in global configuration mode. To return to the default length of time, use the no form of this command.
cdma pdsn failure-history entries
no cdma pdsn failure-history
Syntax Description
entries
Maximum number of entries that can be recorded in the SNMP session failure table. Possible values are 0 through 2000.
Defaults
No default behavior or values.
Command Modes
Global configuration
Command History
Examples
The following example specifies that 1000 is the maximum number of entries that can be recorded in the SNMP session table:
cdma pdsn failure-history 1000Related Commands
cdma pdsn ingress-address-filtering
To enable ingress address filtering, use the cdma pdsn ingress-address-filtering command in global configuration mode. To disable ingress address filtering, use the no form of this command.
cdma pdsn ingress-address-filtering
no cdma pdsn ingress-address-filtering
Syntax Description
This command has no arguments or keywords.
Defaults
Ingress address filtering is disabled.
Command Modes
Global configuration
Command History
Usage Guidelines
When this command is configured, the PDSN checks the source IP address of every packet received on the PPP link from the mobile station. If the address is not associated with the PPP link to the mobile station and is not an MIP RRQ or Agent Solicitation, then the PDSN discards the packet and sends a request to reestablish the PPP link.
Examples
The following example enables ingress address filtering:
cdma pdsn ingress-address-filteringRelated Commands
show cdma pdsn
Displays the current status and configuration of the PDSN gateway.
show cdma pdsn session
Displays the session information on the PDSN.
cdma pdsn ipv6
To enable the PDSN IPv6 functionality, use the cdma pdsn ipv6 command in global configuration mode. Use the now form of the command to disable this function.
cdma pdsn ipv6 {ra-count 1-5 [ra-interval 1-1800]}
no cdma pdsn ipv6 {ra-count 1-5 [ra-interval 1-1800]}
Syntax Description
Command Modes
Global configuration
Command History
Usage Guidelines
If the cdma pdsn ipv6 command is not entered, and a PDSN session is brought up with IPv6, the session will be terminated and the following message displayed:
%CDMA_PDSN-3-PDSNIPV6NOTENABLED: PDSN IPv6 feature has not been enabled.
Examples
The following example illustrates how to control the number and interval Routing Advertisements sent to the MN when an IPv6CP session comes up:
router(config)# cdma pdsn ipv6 ra-count 2 ra-interval 3cdma pdsn maximum pcf
To set the maximum number of PCFs that can connect to a PDSN, use the cdma pdsn maximum pcf command in global configuration mode. To disable a configured limit, use the no form of this command.
cdma pdsn maximum pcf maxpcf
no cdma pdsn maximum pcf
Syntax Description
Defaults
No default behavior or values.
Command Modes
Global Configuration
Command History
Usage Guidelines
If no maximum number of PCFs is configured, the only limitation is the amount of memory.
You can configure the maximum PCFs to be less than the existing PCFs. As a result, when you issue the show cdma pdsn command, you may see more existing PCFs than the configured maximum. It is the responsibility of the user to bring down the existing PCFs to match the configured maximum.
Examples
The following example specifies that 200 PCFs can be sent:
cdma pdsn maximum pcf 200Related Commands
show cdma pdsn
Displays the current status and configuration of the PDSN gateway.
cdma pdsn maximum sessions
To set the maximum number of mobile sessions allowed on a PDSN, use the cdma pdsn maximum sessions command in global configuration mode. To disable a configured limit, use the no form of this command.
cdma pdsn maximum sessions maxsessions
no cdma pdsn maximum sessions
Syntax Description
maxsessions
Maximum number of mobile sessions allowed on a PDSN. Possible values depend on which image you are using.
Defaults
The c-5 images support 8000 sessions, and the c-6 images support 20000 sessions.
Command Modes
Global Configuration.
Command History
12.1(3)XS
This command was introduced.
12.2(8)BY
The maximum number of mobile sessions was raised to 20000.
Usage Guidelines
If PDSN runs out of resources before the configured number is reached, then PDSN will reject the creation of further sessions.
You can configure the maximum sessions to be less than the existing sessions. As a result, when you issue the show cdma pdsn command, you may see more existing sessions than the configured maximum. It is the responsibility of the user to bring down the existing sessions to match the configured maximum.
Examples
The following example sets the maximum number of mobile sessions to 100:
cdma pdsn maximum sessions 100Related Commands
cdma pdsn mobile-advertisement-burst
To configure the number and interval of Agent Advertisements that a PDSN FA can send, use the cdma pdsn mobile-advertisement-burst command in either interface or global configuration mode. To reset the configuration to the defaults, use the no form of this command.
cdma pdsn mobile-advertisement-burst {number value | interval msec}
no cdma pdsn mobile-advertisement-burst {number | interval}
Syntax Description
Defaults
The default number of agent advertisements to send is 5.
The default interval between advertisements is 200 milliseconds.
Command Modes
Interface or Global configuration.
Command History
Usage Guidelines
You must specify at least one of the optional parameters. Otherwise, the command has no effect. When virtual-access interfaces are created from the virtual template, default values will be used for any parameters not already configured on the virtual template.
This command should be configured on virtual templates only, and only when PDSN service is configured.
Examples
The following example configures PDSN FA advertisement:
cdma pdsn mobile-advertisement-burst number 10 interval 500Related Commands
cdma pdsn msid-authentication
To enable MSID-based authentication and access, use the cdma pdsn msid-authentication command in global configuration mode. To disable MSID-based authentication and access, use the no form of this command.
cdma pdsn msid-authentication [close-session-on-failure] [imsi number] [irm number] [min number] [profile-password password]
no cdma pdsn msid-authentication
Syntax Description
Defaults
MSID authentication is disabled. When enabled, the default values are as follows:
•
•
•
•
Command Modes
Global Configuration.
Command History
12.1(3)XS
This command was introduced.
12.2(2)XC
The profile-password keyword was added.
12.2(8)ZB1
The close-session-on-failure keyword was added
Usage Guidelines
MSID authentication provides Simple IP service for mobile stations that do not negotiate CHAP or PAP. Cisco PDSN retrieves a network profile based on the MSID from the RADIUS server. The network profile should include the internet realm of the home network that owns the MSID. Cisco PDSN constructs the NAI from the MSID and the realm. The constructed NAI is used in generated accounting records. If the PDSN is unable to obtain the realm, then it denies service to the mobile station.
The identifier used to retrieve the network profile from the RADIUS server depends on the format of the MSID, which can be one of the following:
•
•
•
If the mobile station uses IMSI, the default identifier that PDSN uses to retrieve network profile is of the form IMSI-nnnnn where nnnnn is the first five digits of the IMSI. The number of digits from the IMSI to be used can be configured using the command cdma pdsn msid-authentication imsi.
If the mobile station uses MIN, the default identifier that PDSN uses to retrieve network profile is of the form MIN-nnnnnn where nnnnnn is the first six digits of the MIN. The number of digits from the MIN to be used can be configured using the command cdma pdsn msid-authentication min.
If the mobile station uses IRM, the default identifier that PDSN uses to retrieve network profile is of the form IRM-nnnn where nnnn is the first four digits of the IRM. The number of digits from the IRM to be used can be configured using the command cdma pdsn msid-authentication irm.
The realm should be defined in the network profile on the RADIUS user with the Cisco AVPair attribute cdma:cdma-realm.
Examples
The following example enables MSID-based authentication and access:
cdma pdsn msid-authentication profile-password test1Related Commands
show cdma pdsn
Displays the current status and configuration of the PDSN gateway.
cdma pdsn pcf
To enable sending of vendor specific attributes in subscriber QoS profile based on the PCF, use the cdma pdsn pcf ip-address command in global configuration mode. Use the no form of the command to disable this feature.
cdma pdsn pcf PCF IP address ending IP address vendor-id NVSE Vendor id
no cdma pdsn pcf PCF IP address ending IP Address vendor-id NVSE Vendor id
Syntax Description
PCF IP address
Single or starting PCF IP address
ending PCF IP address
Ending PCF IP address.
NVSE Vendor Id
Radius vendor ID of PCF.
Defaults
The default value is that the home area attribute is not sent to the PCF.
Command Modes
Global configuration
Command History
Examples
The following example illustrates the cdma pdsn pcf command to configure vendor-id for a set of PCFs:
Router (config)# cdma pdsn pcf 10.1.1.1 10.1.1.50 vendor-id 3729cdma pdsn pcf default closed-rp
To enable the Closed-RP interface feature on the PDSN, use the cdma pdsn pcf default closed-rp command in global configuration mode. Use the no form of the command to disable the Closed-RP interface feature.
cdma pdsn pcf default closed-rp
no cdma pdsn pcf default closed-rp
Syntax Description
There are no arguments or keywords for this command.
Defaults
The default setting is that Closed-RP is disabled.
Command Modes
Global configuration
Command History
Usage Guidelines
When the cdma pdsn pcf default closed-rp command is configured, the Closed-RP interface feature is enabled on the PDSN. All the PCF's connecting to the PDSN will be considered as Closed-RP PCF's. When this command is configured the 3GPP2 (Open) RP interface will be disabled on the PCF.
Examples
The following example illustrates the cdma pdsn pcf default closed-rp command:
Router (config)# cdma pdsn pcf default closed-rpcdma pdsn radius disconnect
To enable support for Radius Disconnect on the Cisco PDSN, use the cdma pdsn radius disconnect command in Global configuration. Use the no form of the command to disable this feature.
cdma pdsn radius disconnect [nai]
no cdma pdsn radius disconnect [nai]
Syntax Description
nai
(Optional) Indicates whether to enable processing of Disconnect Request received with only the NAI attribute.
Defaults
By default the PDSN will not process a Disconnect Request received with only the nai attribute.
Command Modes
Global Configuration
Command History
Usage Guidelines
By default the PDSN will not process a Disconnect Request received with only NAI attribute. In a Service provider environment all simple IP sessions can be opened with the same user-name (and in case of Resource Management for sessions), therefore, a session identification attribute will be sent in Disconnect Request. Additionally, the overhead to maintain tables relating sessions and NAI can be avoided in such cases.
But if the PDSN can receive a Disconnect Request with only an NAI attribute in a particular environment, then nai keyword should be configured.
This configuration will set the Session Termination Capability VSA value to 1. The presence of other feature configurations (like MIP Revocation) can alter that value.
Examples
The following example illustrates the cdma pdsn radius disconnect command:
Router(config)#cdma pdsn radius disconnect nai
cdma pdsn redundancy
To enable the active PDSN to synchronize the session and flow related data to its standby peer, use the cdma pdsn redundancy command in global configuration mode. Use the no form of the command to disable this function.
cdma pdsn redundancy
no cdma pdsn redundancy
Syntax Description
There are no arguments or keywords for this command.
Defaults
The default setting is that PDSN redundancy is disabled.
Command Modes
Global configuration
Command History
Examples
The following example illustrates the cdma pdsn redundancy command:
Router (config)# cdma pdsn redundancycdma pdsn redundancy accounting send vsa swact
To send the Cisco VSA (cdma-rfswact) in first interim/stop record after switchover, use the cdma pdsn redundancy accounting send vsa swact command in Global configuration mode. To disable this feature, use the no form of the command.
cdma pdsn redundancy accounting send vsa swact
no cdma pdsn redundancy accounting send vsa swact
Syntax Description
There are no keywords or arguments for this command.
Defaults
By default, this command is disabled.
Command Modes
Global configuration
Command History
Usage Guidelines
After a switchover takes place, the first interim or stop accounting record (as appropriate) includes a VSA (cdma-rfswact) indicating that a switchover has occurred. The inclusion of this VSA is controllable through this CLI.
If periodic syncing is enabled, you cannot configure the cdma pdsn redundancy accounting send vsa swact command, and vice-versa, as the two approaches are mutually exclusive.
Note
Examples
The following example illustrates the cdma pdsn redundancy accounting send vsa swact command:
Router(config)# cdma pdsn redundancy accounting send vsa swact
cdma pdsn redundancy accounting update-periodic
To enable the active PDSN to periodically synchronize accounting counters, and to synch accounting information between the active and standby in Session Redundancy environment, use the cdma pdsn redundancy accounting update-periodic command in global configuration mode. To disable this feature, use the no form of the command.
cdma pdsn redundancy accounting [update-periodic]
no cdma pdsn redundancy accounting [update-periodic]
Syntax Description
update-periodic
Syncs the G1/G2 and Packets In/Out with interim AAA updates, and closes the session if authorization fails.
Defaults
By default, this command is disabled.
Command Modes
Global configuration
Command History
Usage Guidelines
When configured, the byte and packet counts for each flow are synced from the active to the standby unit (only if they undergo a change) at the configured periodic accounting interval (using aaa accounting update periodic xxx). If periodic accounting is not configured, the byte and packet counts will not be synced.
Examples
The following example illustrates the cdma pdsn redundancy accounting update-periodic command:
Router(config)# cdma pdsn redundancy accounting update-periodiccdma pdsn retransmit a11-update
To specify the maximum number of times an A11 Registration Update message is retransmitted, use the cdma pdsn retransmit a11-update command in global configuration mode. To return to the default of 5 retransmissions, use the no form of this command.
cdma pdsn retransmit a11-update number
no cdma pdsn retransmit a11-update
Syntax Description
number
Maximum number of times an A11 Registration Update message is retransmitted. Possible values are 0 through 9. The default is 5 retransmissions.
Defaults
5 retransmissions.
Command Modes
Global Configuration
Command History
Usage Guidelines
PDSN may initiate the release of an A10 connection by sending an A11 Registration Update message to the PCF. In this case, the PCF is expected to send an A11 Registration Acknowledge message followed by an A11 Registration Request with Lifetime set to 0. If PDSN does not receive an A11 Registration Acknowledge or an A11 Registration Request with Lifetime set to 0, or if it receives an A11 Registration Acknowledge message with an update denied status, PDSN retransmits the A11 Registration Update. The number of retransmissions is 5 by default and is configurable using this command.
Examples
The following example specifies that A11 Registration Update messages will be retransmitted a maximum of 9 times:
cdma pdsn retransmit a11-update 9Related Commands
cdma pdsn secure cluster
To configure one common security association for all PDSNs in a cluster, use the cdma pdsn secure cluster command. To remove this configuration, use the no form of the command.
cdma pdsn secure cluster default spi {value | inbound value outbound value} key {hex | ascii} string
no cdma pdsn secure cluster
Syntax Description
Defaults
No default behavior or values.
Command Modes
Global Configuration
Command History
Usage Guidelines
The SPI is the 4-byte index that selects the specific security parameters to be used to authenticate the peer. The security parameters consist of the authentication algorithm and mode, replay attack protection method, timeout, and IP address.
Examples
The following example shows a security association for a cluster of PDSNs:
cdma pdsn secure cluster spi 100 key hex 12345678123456781234567812345678Related Commands
cdma pdsn secure pcf
To configure the security association for one or more PCFs or the default security association for all PCFs, use the cdma pdsn secure pcf command. To remove this configuration, use the no form of the command.
cdma pdsn secure pcf {lower [upper] | default} spi {value | inbound value outbound value} key {hex | ascii} string [local-timezone]
no cdma pdsn secure pcf
Syntax Description
Defaults
There are no default behavior or values.
Command Modes
Global Configuration
Command History
12.2(2)XC
This command was introduced.
12.2(8)BY1
The local-timezone keyword was added.
Usage Guidelines
The SPI is the 4-byte index that selects the specific security parameters to be used to authenticate the peer. The security parameters consist of the authentication algorithm and mode, replay attack protection method, timeout, and IP address.
You can configure several explicit and default secure PCF entries. (An explicit entry being one in which the IP address of a PCF is specified.) When the PDSN receives an A11 message from a PCF, it attempts to match the message to a secure PCF entry as follows:
•
•
•
When the PDSN receives a request from a PCF, it performs an identity check. As part of this check, the PDSN compares the timestamp of the request to its own local time and determines whether the difference is within a specified range. This range is determined by the replay time window. If the difference between the timestamp and the local time is not within this range, a request rejection message is sent back to the PCF along with the value of PDSN's local time.
Examples
The following example shows PCF 20.0.0.1, which has a key that is generated by the MD5 hash of the string:
cdma pdsn secure pcf 20.0.0.1 spi 100 key hex 12345678123456781234567812345678The following example configures a global default replay time of 60 seconds for all PCFs and all SPIs:
cdma pdsn secure pcf default replay 60The following example configures a default replay time of 30 seconds for a specific SPI applicable to all PCFs:
cdma pdsn secure pcf default spi 100 key ascii cisco replay 30The following example configures a replay time of 45 seconds for a specific PCF/SPI combination:
cdma pdsn secure pcf 192.168.105.4 spi 200 key ascii cisco replay 45Related Commands
cdma pdsn selection interface
To configure the interface used to send and receive PDSN selection messages, use the cdma pdsn selection interface command in global configuration mode. To remove the configuration, use the no form of the command.
cdma pdsn selection interface interface_name
no cdma pdsn selection interface
Syntax Description
interface_name
Name (type and number) of the interface that is connected to the LAN to be used to exchange PDSN selection messages with the other PDSNs in the cluster.
Defaults
No default behavior or values.
Command Modes
Global Configuration
Command History
Usage Guidelines
Each PDSN in a cluster maintains information about the mobile stations connected to the other PDSNs in the cluster. All PDSNs in the cluster exchange this information using periodic multicast messages. For this reason, all PDSNs in the cluster should be connected to a shared LAN.
This command identifies the interface on the PDSN that is connected to the LAN used for sending and receiving PDSN selection messages.
The Intelligent PDSN Selection feature will not work if you do not configure this interface on each PDSN in the cluster.
Examples
The following example specifies that the FastEthernet0/1 interface should be used for sending and receiving PDSN selection messages:
cdma pdsn selection interface FastEthernet0/1Related Commands
cdma pdsn selection keepalive
To configure the intelligent PDSN selection keepalive feature, use the cdma pdsn selection keepalive command in global configuration mode. To disable the feature, use the no form of this command.
cdma pdsn selection keepalive value
no cdma pdsn selection keepalive
Syntax Description
Defaults
No default behavior or values.
Command Modes
Global Configuration
Command History
Examples
The following example configures a keepalive value of 200 seconds:
cdma pdsn selection keepalive 200Related Commands
cdma pdsn selection load-balancing
To enable the load-balancing function of the intelligent PDSN selection feature, use the cdma pdsn selection load-balancing command in global configuration mode. To disable the load-balancing function, use the no form of this command.
cdma pdsn selection load-balancing [threshold val [alternate]]
no cdma pdsn selection load-balancing
Syntax Description
Defaults
The threshold value is 100 sessions.
Command Modes
Global Configuration
Command History
12.1(3)XS
This command was introduced.
12.2(8)BY
The maximum number of sessions that can be load-balanced was raised to 20000.
Usage Guidelines
You must enable PDSN selection session-table-size first. If sessions in a PDSN go beyond the threshold, PDSN selection will redirect the PCF to the PDSN that has less of a load.
Examples
The following example configures load-balancing with an advertisement interval of 2 minutes and a threshold of 50 sessions:
cdma pdsn selection load-balancing advertisement 2 threshold 50Related Commands
cdma pdsn selection session-table-size
Defines the size of the selection session database.
show cdma pdsn session
Displays PDSN session information.
cdma pdsn selection session-table-size
In PDSN selection, a group of PDSNs maintains a distributed session database. To define the size of the database, use the cdma pdsn selection session-table-size command in global configuration mode. To disable PDSN selection, use the no form of this command.
cdma pdsn selection session-table-size size
no cdma pdsn selection session-table-size
Syntax Description
Defaults
PDSN selection is disabled.
The default session table size is undefined.
Command Modes
Global Configuration
Command History
Examples
The following example sets the size of the distributed session database to 5000 sessions:
cdma pdsn selection session-table-size 5000Related Commands
cdma pdsn selection load-balancing
Enables the load-balancing function of PDSN selection.
show cdma pdsn session
Displays PDSN session information.
cdma pdsn send-agent-adv
To enable agent advertisements to be sent over a newly formed PPP session with an unknown user class that negotiates IPCP address options, use the cdma pdsn send-agent-adv command in global configuration mode. To disable the sending of agent advertisements, use the no form of this command.
cdma pdsn send-agent-adv
no cdma pdsn send-agent-adv
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values.
Command Modes
Global Configuration
Command History
Usage Guidelines
This command is used with multiple flows.
Examples
The following example enables agent advertisements to be sent:
cdma pdsn send-agent-advRelated Commands
show cdma pdsn
Displays the current status and configuration of the PDSN gateway.
cdma pdsn timeout
To configure a variety of differnent message timeouts, use the cdma pdsn timeout command in global configuration mode. To disable any of these message timeouts, use the no form of this command.
cdma pdsn timeout [a11-session-update | a11-update seconds | {airlink-start [close-rp | initiate-ppp]}mobile-ip-registration]
no [a11-session-update | a11-update seconds | {airlink-start [close-rp | initiate-ppp]}mobile-ip-registration]
Syntax Description
Defaults
a11-session-update default value is 1 second.
Command Modes
Global Configuration
Command History
12.1(3)XS
This command was introduced.
12.3(14)YF
The close-rp keyword was added.
Usage Guidelines
PDSN may initiate the release of an A10 connection by sending an A11 Registration Update message to the PCF. In this case, the PCF is expected to send an A11 Registration Acknowledge message followed by an A11 Registration Request with Lifetime set to 0. If PDSN does not receive an A11 Registration Acknowledge or an A11 Registration Request with Lifetime set to 0, PDSN times out and retransmits the A11 Registration Update. The default timeout is 1 second and is configurable using this command.
Examples
The following example specifies an A11 Registration Update message timeout value of 5 seconds:
PDSN(config)#cdma pdsn timeout airlink-start 5 ?close-rp Close RP session if airlink start timeout occursinitiate-ppp Initiate PPP negotiation if airlink start timeout occursPDSN(config)#cdma pdsn timeout airlink-start 5 iniPDSN(config)#cdma pdsn timeout airlink-start 5 initiate-ppp ?<cr>PDSN(config)#cdma pdsn timeout airlink-start 5 cloPDSN(config)#cdma pdsn timeout airlink-start 5 close-rp ?Related Commands
cdma pdsn timeout mobile-ip-registration
To set the timeout value before which Mobile IP registration should occur for a user skipping the PPP authentication, use the cdma pdsn timeout mobile-ip-registration command in global configuration mode. To return to the default 5-second timeout, use the no version of the command.
cdma pdsn timeout mobile-ip-registration timeout
no cdma pdsn timeout mobile-ip-registration
Syntax Description
Defaults
5 seconds.
Command Modes
Global Configuration
Command History
Usage Guidelines
A CDMA data user using Mobile IP will skip authentication and authorization during PPP and perform those tasks through Mobile IP registration. In order to secure the network, the traffic is filtered. The only packets allowed through the filter are the Mobile IP registration messages. As an additional protection, if the Mobile IP registration does not happen within a defined time, the PPP link is terminated.
Examples
The following example sets the timeout value for Mobile IP registration to 15 seconds:
cdma pdsn mobile-ip-timeout 15Related Commands
cdma pdsn virtual-template
To associate a virtual template with PPP over GRE, use the cdma pdsn virtual-template command in global configuration mode. To remove the association, use the no form of this command.
cdma pdsn virtual-template virtualtemplate_num
no cdma pdsn virtual-template virtualtemplate_num
Syntax Description
Defaults
No default behavior or values.
Command Modes
Global Configuration
Command History
Usage Guidelines
PPP links are dynamically created. Each link requires an interface. The characteristics of each link are cloned from a virtual template. Because there can be multiple virtual templates defined in a single PDSN, this command is used to identify the virtual template that is used for cloning virtual accesses for PPP over GRE.
Examples
The following example associate virtual template 2 with PPP over GRE:
cdma pdsn virtual-template 2Related Commands
clear cdma pdsn cluster controller session record age
To clear session records of a specified age, use the clear cdma pdsn cluster controller session record age command in privileged EXEC mode.
clear cdma pdsn cluster controller session record age days
Syntax Description
Defaults
No default keywords or arguments.
Command Modes
Privileged EXEC
Command History
Examples
The following example shows output from the clear cdma pdsn cluster controller session record age command:
Router# clear cdma pdsn cluster controller session record age 1clear cdma pdsn cluster controller statistics
To clear controller statistics, use the clear cdma pdsn cluster controller statistics command in privileged EXEC mode.
clear cdma pdsn cluster controller statistics [queuing | redundancy]
Syntax Description
queuing
Clears statistics associated with controller queuing feature.
redundancy
Clears statistics associated with controller redundancy interface.
Defaults
There are no default values for this command.
Command Modes
Privileged EXEC
Command History
Examples
The following example shows output from the clear cdma pdsn cluster controller statistics command:
router# clear cdma pdsn cluster controller statistics queuingclear cdma pdsn cluster member statistics
To clear member statistics, use the clear cdma pdsn cluster member statistics command in privileged EXEC mode.
clear cdma pdsn cluster member statistics [queuing | statistics]
Syntax Description
Defaults
There are no default values for this command.
Command Modes
Privileged EXEC
Command History
Examples
The following example shows output from the clear cdma pdsn cluster member statistics command:
Router# clear cdma pdsn cluster member statistics queuing
clear cdma pdsn redundancy statistics
To clear the data counters associated with the PDSN session redundancy to their initial values, use the clear cdma pdsn redundancy statistics command in privileged EXEC mode.
clear cdma pdsn redundancy statistics
Syntax Description
There are no keywords or arguments for this command.
Defaults
There are no default values for this command.
Command Modes
EXEC mode
Command History
clear cdma pdsn session
To clear one or more user sessions on the PDSN, use the clear cdma pdsn session command in privileged EXEC mode.
clear cdma pdsn session {{all [rate value | send [a11-update | termreq] value]} | dormant | pcf ip_addr | msid number}
Syntax Description
Defaults
No default behavior or values.
Command Modes
Privileged EXEC
Command History
12.1(3)XS
This command was introduced.
12.3(11)YF1
The rate, send, a11-update, dormant and termreq variables were added.
Usage Guidelines
This command terminates one or more user sessions. When this command is issued, the PDSN initiates the session release by sending an A11Registration Update message to the PCF.
The keyword all clears all sessions on a given PDSN. The keyword pcf with an IP address clears all the sessions coming from a given PCF. The keyword msid with a number will clear the session for a given MSID.
Examples
The following example clears session MSID 0000000002:
clear cdma pdsn session msid 0000000002clear cdma pdsn statistics
To clear the RAN-to-PDSN interface (RP) or PPP statistics on the PDSN, use the clear cdma pdsn statistics command in privileged EXEC mode.
clear cdma pdsn statistics
Syntax Description
There are no arguments or keywords.
Defaults
No default behavior or values.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
Previous releases used the show cdma pdsn statistics command to show PPP and RP statistic summaries from the time the system was restarted. The clear cdma pdsn statistics command allows the user to reset the counters as desired, and to view the history since the counters were last reset.
Examples
The following example illustrates the clear cdma pdsn statistics rp command before and after the counters are reset.
Before counters are reset
Router#show cdma pdsn statistics rpRP Interface:Reg Request rcvd 5, accepted 5, denied 0, discarded 0
Note
Initial Reg Request accepted 4, denied 0Re-registration requests accepted 0, denied 0De-registration accepted 1, denied 0Registration Request Errors:Unspecified 0, Administratively prohibited 0Resource unavailable 0, Authentication failed 0Identification mismatch 0, Poorly formed requests 0Unknown PDSN 0, Reverse tunnel mandatory 0Reverse tunnel unavailable 0, Bad CVSE 0Update sent 1, accepted 1, denied 0, not acked 0Initial Update sent 1, retransmissions 0Acknowledge received 1, discarded 0Update reason lifetime expiry 0, PPP termination 1, other 0Registration Update Errors:Unspecified 0, Identification mismatch 0Authentication failed 0, Administratively prohibited 0Poorly formed request 0Service Option:asyncDataRate2 (12) success 4, failure 0After the counters are reset
Router#clear cdma pdsn statistics rp==> RESETTING COUNTERSRouter#show cdma pdsn statistics rpRP Interface:Reg Request rcvd 0, accepted 0, denied 0, discarded 0
Note
Initial Reg Request accepted 0, denied 0Re-registration requests accepted 0, denied 0De-registration accepted 0, denied 0Registration Request Errors:Unspecified 0, Administratively prohibited 0Resource unavailable 0, Authentication failed 0Identification mismatch 0, Poorly formed requests 0Unknown PDSN 0, Reverse tunnel mandatory 0Reverse tunnel unavailable 0, Bad CVSE 0Update sent 0, accepted 0, denied 0, not acked 0Initial Update sent 0, retransmissions 0Acknowledge received 0, discarded 0Update reason lifetime expiry 0, PPP termination 0, other 0Registration Update Errors:Unspecified 0, Identification mismatch 0Authentication failed 0, Administratively prohibited 0Poorly formed request 0Service Option:asyncDataRate2 (12) success 4, failure 0Related Commands
clear ip mobile
To clear various IP Mobile information, use the clear ip mobile EXEC command.
clear ip mobile [proxy | router | traffic | visitor [ip-address | nai string ip_address]]
Syntax Description
Command Modes
EXEC
Command History
12.0(1)T
This command was introduced.
12.2(2)XC
The nai keyword and associated variables were added.
Usage Guidelines
The foreign agent creates a visitor entry for each accepted visitor. The visitor entry allows the mobile node to receive packets while in a visited network. Associated with the visitor entry is the ARP entry for the visitor. There should be no need to clear the entry because it expires after lifetime is reached or when the mobile node deregisters.
When a visitor entry is removed, the number of users on the tunnel is decremented and the ARP entry is removed from the ARP cache. The visitor is not notified.
Use this command with care because it may terminate any sessions used by the mobile node. After using this command, the visitor will need to reregister to continue roaming.
Examples
The following example shows how counters can be used for debugging:
Router# show ip mobile trafficIP Mobility traffic:Advertisements:Solicitations received 0Advertisements sent 0, response to solicitation 0Home Agent Registrations:Register 8, Deregister 0 requestsRegister 7, Deregister 0 repliedAccepted 6, No simultaneous bindings 0Denied 1, Ignored 1Unspecified 0, Unknown HA 0Administrative prohibited 0, No resource 0Authentication failed MN 0, FA 0Bad identification 1, Bad request form 0.Router# clear ip mobile trafficRouter# show ip mobile trafficIP Mobility traffic:Advertisements:Solicitations received 0Advertisements sent 0, response to solicitation 0Home Agent Registrations:Register 0, Deregister 0 requestsRegister 0, Deregister 0 repliedAccepted 0, No simultaneous bindings 0Denied 0, Ignored 0Unspecified 0, Unknown HA 0Administrative prohibited 0, No resource 0Authentication failed MN 0, FA 0Bad identification 0, Bad request form 0Related Commands
crypto map (global IPSec)
To enter crypto map configuration mode and create or modify a crypto map entry, to create a crypto profile that provides a template for configuration of dynamically created crypto maps, or to configure a client accounting list, use the crypto map command in global configuration mode. To delete a crypto map entry, profile, or set, use the no form of this command.
crypto map map-name seq-num ipsec-manual
crypto map map-name seq-num ipsec-isakmp [dynamic dynamic-map-name] [discover] [profile profile-name]
crypto map map-name [client-accounting-list aaalist]
no crypto map map-name [seq-num]
Note
Syntax Description
Defaults
No crypto maps exist.
Peer discovery is not enabled.
Command Modes
Global configuration. Using this command puts you into crypto map configuration mode, unless you use the dynamic keyword.
Command History
Usage Guidelines
Use this command to create a new crypto map entry, to create a crypto map profile, or to modify an existing crypto map entry or profile.
After a crypto map entry has been created, you cannot change the parameters specified at the global configuration level because these parameters determine which of the configuration commands are valid at the crypto map level. For example, after a map entry has been created using the ipsec-isakmp keyword, you cannot change it to the option specified by the ipsec-manual keyword; you must delete and reenter the map entry.
After you define crypto map entries, you can assign the crypto map set to interfaces using the crypto map (interface IPSec) command.
Crypto Map Functions
Crypto maps provide two functions: filtering and classifying traffic to be protected and defining the policy to be applied to that traffic. The first use affects the flow of traffic on an interface; the second affects the negotiation performed (using IKE) on behalf of that traffic.
IPSec crypto maps define the following:
•
•
•
•
Multiple Crypto Map Entries with the Same Map Name Form a Crypto Map Set
A crypto map set is a collection of crypto map entries, each with a different seq-num argument but the same map-name argument. Therefore, for a given interface, you could have certain traffic forwarded to one IPSec peer with specified security applied to that traffic and other traffic forwarded to the same or a different IPSec peer with different IPSec security applied. To accomplish differential forwarding you would create two crypto maps, each with the same map-name argument, but each with a different seq-num argument. Crypto profiles must have unique names within a crypto map set.
Sequence Numbers
The number you assign to the seq-num argument should not be arbitrary. This number is used to rank multiple crypto map entries within a crypto map set. Within a crypto map set, a crypto map entry with a lower seq-num is evaluated before a map entry with a higher seq-num; that is, the map entry with the lower number has a higher priority.
For example, consider a crypto map set that contains three crypto map entries: mymap 10, mymap 20, and mymap 30. The crypto map set named "mymap" is applied to serial interface 0. When traffic passes through serial interface 0, the traffic is evaluated first for mymap 10. If the traffic matches any access list permit statement entry in the extended access list in mymap 10, the traffic will be processed according to the information defined in mymap 10 (including establishing IPSec SAs when necessary). If the traffic does not match the mymap 10 access list, the traffic will be evaluated for mymap 20, and then mymap 30, until the traffic matches a permit entry in a map entry. (If the traffic does not match a permit entry in any crypto map entry, it will be forwarded without any IPSec security.)
Dynamic Crypto Maps
Refer to the "Usage Guidelines" section of the crypto dynamic-map command for a discussion on dynamic crypto maps.
Crypto map entries that reference dynamic map sets should be the lowest priority map entries, allowing inbound SA negotiation requests to try to match the static maps first. Only after the request does not match any of the static maps, do you want it to be evaluated against the dynamic map set.
To make a crypto map entry referencing a dynamic crypto map set the lowest priority map entry, give the map entry the highest seq-num of all the map entries in a crypto map set.
Create dynamic crypto map entries using the crypto dynamic-map command. After you create a dynamic crypto map set, add the dynamic crypto map set to a static crypto map set with the crypto map (global IPSec) command using the dynamic keyword.
TED
TED is an enhancement to the IPSec feature. Defining a dynamic crypto map allows you to dynamically determine an IPSec peer; however, only the receiving router has this ability. With TED, the initiating router can dynamically determine an IPSec peer for secure IPSec communications.
Dynamic TED helps to simplify IPSec configuration on the individual routers within a large network. Each node has a simple configuration that defines the local network that the router is protecting and the IPSec transforms that are required.
Note
Crypto Map Profiles
Crypto map profiles are created using the profile profile-name keyword and argument combination. Crypto map profiles are used as configuration templates for dynamically creating crypto maps on demand for use with the Layer 2 Transport Protocol (L2TP) Security feature. The relevant SAs the crypto map profile will be cloned and used to protect IP traffic on the L2TP tunnel.
Note
Examples
The following example shows the minimum required crypto map configuration when IKE will be used to establish the security associations:
Router# crypto map mymap 10 ipsec-isakmpmatch address 101set transform-set my_t_set1set peer 10.0.0.1The following example shows the minimum required crypto map configuration when the security associations are manually established:
Router# crypto transform-set someset ah-md5-hmac esp-descrypto map mymap 10 ipsec-manualmatch address 102set transform-set somesetset peer 10.0.0.5set session-key inbound ah 256 98765432109876549876543210987654set session-key outbound ah 256 fedcbafedcbafedcfedcbafedcbafedcset session-key inbound esp 256 cipher 0123456789012345set session-key outbound esp 256 cipher abcdefabcdefabcdThe following example configures an IPSec crypto map set that includes a reference to a dynamic crypto map set.
Crypto map "mymap 10" allows security associations to be established between the router and either (or both) of two remote IPSec peers for traffic matching access list 101. Crypto map "mymap 20" allows either of two transform sets to be negotiated with the remote peer for traffic matching access list 102.
Crypto map entry "mymap 30" references the dynamic crypto map set "mydynamicmap," which can be used to process inbound security association negotiation requests that do not match "mymap" entries 10 or 20. In this case, if the peer specifies a transform set that matches one of the transform sets specified in "mydynamicmap," for a flow "permitted" by the access list 103, IPSec will accept the request and set up security associations with the remote peer without previously knowing about the remote peer. If accepted, the resulting security associations (and temporary crypto map entry) are established according to the settings specified by the remote peer.
The access list associated with "mydynamicmap 10" is also used as a filter. Inbound packets that match a permit statement in this list are dropped for not being IPSec protected. (The same is true for access lists associated with static crypto maps entries.) Outbound packets that match a permit statement without an existing corresponding IPSec SA are also dropped.
Router# crypto map mymap 10 ipsec-isakmpmatch address 101set transform-set my_t_set1set peer 10.0.0.1set peer 10.0.0.2crypto map mymap 20 ipsec-isakmpmatch address 102set transform-set my_t_set1 my_t_set2set peer 10.0.0.3crypto map mymap 30 ipsec-isakmp dynamic mydynamicmap!crypto dynamic-map mydynamicmap 10match address 103set transform-set my_t_set1 my_t_set2 my_t_set3The following example configures Tunnel Endpoint Discovery on a Cisco router:
Router# crypto map testtag 10 ipsec-isakmp dynamic dmap discoverThe following example configures a crypto profile to be used as a template for dynamically created crypto maps when IPSec is used to protect an L2TP tunnel:
Router# crypto map l2tpsec 10 ipsec-isakmp profile l2tpcrypto map local-address
To specify and name an identifying interface to be used by the crypto map for IPSec traffic, use the crypto map local-address command in global configuration mode. To remove this command from the configuration, use the no form of this command.
crypto map map-name local-address interface-id
no crypto map map-name local-address interface-id
Syntax Description
Defaults
No default behavior or values.
Command Modes
Global configuration
Command History
Usage Guidelines
If you apply the same crypto map to two interfaces and do not use this command, two separate security associations (with different local IP addresses) could be established to the same peer for similar traffic. If you are using the second interface as redundant to the first interface, it could be preferable to have a single security association (with a single local IP address) created for traffic sharing the two interfaces. Having a single security association decreases overhead and makes administration simpler.
This command allows a peer to establish a single security association (and use a single local IP address) that is shared by the two redundant interfaces.
If applying the same crypto map set to more than one interface, the default behavior is as follows:
•
•
However, if you use a local-address for that crypto map set, it has multiple effects:
•
•
One suggestion is to use a loopback interface as the referenced local address interface, because the loopback interface never goes down.
Examples
The following example assigns crypto map set "mymap" to the S0 interface and to the S1 interface. When traffic passes through either S0 or S1, the traffic will be evaluated against the all the crypto maps in the "mymap" set. When traffic through either interface matches an access list in one of the "mymap" crypto maps, a security association will be established. This same security association will then apply to both S0 and S1 traffic that matches the originally matched IPSec access list. The local address that IPSec will use on both interfaces will be the IP address of interface loopback0.
interface S0crypto map mymapinterface S1crypto map mymapcrypto map mymap local-address loopback0debug cdma pdsn a10 ahdlc
To display debug messages for AHDLC, use the debug cdma pdsn a10 ahdlc command in privileged EXEC mode. To disable debug messages, use the no form of this command.
debug cdma pdsn a10 ahdlc [ errors | events ]
no debug cdma pdsn a10 ahdlc [ errors | events ]
Syntax Description
errors
(Optional) Displays details of AHDLC packets in error.
events
(Optional) Displays AHDLC events.
Defaults
If the command is entered without any optional keywords, all of the types of debug information are enabled.
Command History
Examples
The following is sample output from the debug cdma pdsn a10 ahdlc command:
Router# debug cdma pdsn a10 ahdlc errorsahdlc error packet display debugging is onRouter# debug cdma pdsn a10 ahdlc eventsahdlc events display debugging is onRouter#*Jan 1 00:18:30:%LINK-3-UPDOWN:Interface Virtual-Access1, changed state to up*Jan 1 00:18:30:*****OPEN AHDLC******Jan 1 00:18:30: ahdlc_mgr_channel_create*Jan 1 00:18:30: ahdlc_mgr_allocate_available_channel:*Jan 1 00:18:30:ahdlc:tell h/w open channel 9 from engine 0debug cdma pdsn a10 gre
To display debug messages for A10 GRE interface errors, events, and packets, use the debug cdma pdsn a10 gre command in privileged EXEC mode. To disable debug messages, use the no form of this command.
debug cdma pdsn a10 gre [errors | events | packets] [tunnel-key key]
no debug cdma pdsn a10 gre [errors | events | packets]
Syntax Description
Defaults
If the command is entered without any optional keywords, all of the types of debug information are enabled.
Command History
12.1(3)XS
This command was introduced.
12.2(8)BY
The tunnel-key parameter was added and the existing keywords were made optional.
Examples
The following is sample output from the debug cdma pdsn a10 gre events tunnel-key command:
Router#debug cdma pdsn a10 gre events tunnel-key 1Router#show debugCDMA:CDMA PDSN A10 GRE events debugging is on for tunnel key 1PDSN#*Mar 1 04:00:57.847:CDMA-GRE:CDMA-Ix1 (GRE/CDMA) created with src 5.0.0.2 dst 0.0.0.0*Mar 1 04:00:57.847:CDMA-GRE:(in) found session 5.0.0.2-4.0.0.1-1*Mar 1 04:00:59.863:CDMA-GRE:(in) found session 5.0.0.2-4.0.0.1-1*Mar 1 04:00:59.863:CDMA-GRE:(in) found session 5.0.0.2-4.0.0.1-1*Mar 1 04:01:01.879:CDMA-GRE:(in) found session 5.0.0.2-4.0.0.1-1*Mar 1 04:01:01.879:CDMA-GRE:(in) found session 5.0.0.2-4.0.0.1-1*Mar 1 04:01:03.899:CDMA-GRE:(in) found session 5.0.0.2-4.0.0.1-1*Mar 1 04:01:03.899:CDMA-GRE:(in) found session 5.0.0.2-4.0.0.1-1debug cdma pdsn a10 ppp
To display debug messages for A10 PPP interface errors, events, and packets, use the debug cdma pdsn a10 gre command in privileged EXEC mode. To disable debug messages, use the no form of this command.
debug cdma pdsn a10 ppp [errors | events | packets]
no debug cdma pdsn a10 ppp [errors | events | packets]
Syntax Description
errors
(Optional) Displays A10 PPP errors.
events
(Optional) Displays A10 PPP events.
packets
(Optional) Displays transmitted or received A10 PPP packets.
Defaults
If the command is entered without any optional keywords, all of the types of debug information are enabled.
Command History
Examples
The following is sample output from the debug cdma pdsn a10 ppp command:
Router# debug cdma pdsn a10 ppp errorsCDMA PDSN A10 errors debugging is onRouter# debug cdma pdsn a10 ppp eventsCDMA PDSN A10 events debugging is onRouter# debug cdma pdsn a10 ppp packetsCDMA PDSN A10 packet debugging is onRouter#show debug*Jan 1 00:13:09:CDMA-PPP:create_va tunnel=CDMA-Ix1 virtual-template template=Virtual-Template2 ip_enabled=1*Jan 1 00:13:09:CDMA-PPP:create_va va=Virtual-Access1*Jan 1 00:13:09:CDMA-PPP:clone va=Virtual-Access1 subif_state=1 hwidb->state=0*Jan 1 00:13:09: linestate=1 ppp_lineup=0*Jan 1 00:13:09:%LINK-3-UPDOWN:Interface Virtual-Access1, changed state to up*Jan 1 00:13:09:CDMA-PPP:clone va=Virtual-Access1 subif_state=1 hwidb->state=4*Jan 1 00:13:09: linestate=0 ppp_lineup=0*Jan 1 00:13:09:*****OPEN AHDLC*****debug cdma pdsn a11
To display debug messages for A11 interface errors, events, and packets, use the debug cdma pdsn a11 command in privileged EXEC mode. To disable debug messages, use the no form of this command.
debug cdma pdsn a11 [errors | events | packets ] [mnid]
no debug cdma pdsn a11 [errors | events | packets ]
Syntax Description
errors
(Optional) Displays A11 protocol errors.
events
(Optional) Displays A11 events.
packets
(Optional) Displays transmitted or received packets.
mnid
(Optional) Specifies the mobile station's ID.
Defaults
If the command is entered without any optional keywords, all of the types of debug information are enabled.
Command History
12.1(3)XS
This command was introduced.
12.2(8)BY
The MNID parameter was added and the existing keywords were made optional.
Examples
The following is sample output from the debug cdma pdsn a11commands:
Router#debug cdma pdsn a11 errorsCDMA PDSN A11 errors debugging is onRouter#show debug1d21h:CDMA-RP:(in) rp_msgs, code=1, status=01d21h:CDMA-RP:(enqueue req) type=1 homeagent=5.0.0.2 coaddr=4.0.0.11d21h: id=0xBEF750F0-0xBA53E0F lifetime=655351d21h:CDMA-RP:len=8, 00-00-00-00-00-00-00-F1 convert to 00000000000001(14 digits), type=IMSI1d21h:CDMA-RP:(req) process_rp_req, homeagent=5.0.0.2 coaddr=4.0.0.11d21h: lifetime=65535 id=BEF750F0-BA53E0Fimsi=000000000000011d21h:CDMA-RP:(req) rp_req_create, 5.0.0.2-4.0.0.1-1 imsi=000000000000011d21h:CDMA-RP:(out) rp_reply session=5.0.0.2-4.0.0.1-1, lifetime=655351d21h:CDMA-RP:(out) setup_rp_out_msg, ha=5.0.0.2 coa=4.0.0.1 key=11d21h:%LINK-3-UPDOWN:Interface Virtual-Access2000, changed state to up1d21h:CDMA-RP:ipmobile_visitor add/delete=1, mn=8.0.2.132, ha=7.0.0.21d21h:%LINEPROTO-5-UPDOWN:Line protocol on Interface Virtual-Access2000,changed state to upRouter#debug cdma pdsn a11 packets eventsRouter#show debugCDMA:CDMA PDSN A11 packet debugging is on for mnid 000000000000001CDMA PDSN A11 events debugging is on for mnid 000000000000001Router#*Mar 1 03:15:32.507:CDMA-RP:len=8, 01-00-00-00-00-00-00-10 convert to 000000000000001 (15 digits), type=IMSI*Mar 1 03:15:32.511:CDMA-RP:extension type=38, len=0*Mar 1 03:15:32.511:CDMA-RP:extension type=38, len=0*Mar 1 03:15:32.511:CDMA-RP:extension type=38, len=0*Mar 1 03:15:32.511:CDMA-RP:extension type=32, len=20*Mar 1 03:15:32.511: 00 00 01 00 EE 1F FC 43 0A 7D F9 36 29 C2 BA 28*Mar 1 03:15:32.511: 5A 64 D5 9C*Mar 1 03:15:32.511:CDMA-RP:(req) process_rp_req, homeagent=5.0.0.2 coaddr=4.0.0.1*Mar 1 03:15:32.511: lifetime=1800 id=AF3BFE55-69A109D IMSI=000000000000001*Mar 1 03:15:32.511:CDMA-RP:(req) rp_req_create, ha=5.0.0.2, coa=4.0.0.1, key=1 IMSI=000000000000001*Mar 1 03:15:32.511:CDMA-RP:(out) rp_reply session=5.0.0.2-4.0.0.1-1, lifetime=1800*Mar 1 03:15:32.511:CDMA-RP:(out) Setup RP out message, ha=5.0.0.2 coa=4.0.0.1 key=1*Mar 1 03:15:38.555:CDMA-RP:simple ip visitor added, mn=9.2.0.1, ha=0.0.0.0Router#*Mar 1 03:15:54.755:CDMA-RP:len=8, 01-00-00-00-00-00-00-10 convert to 000000000000001 (15 digits), type=IMSI*Mar 1 03:15:54.755:CDMA-RP:extension type=38, len=0*Mar 1 03:15:54.755:CDMA-RP:extension type=32, len=20*Mar 1 03:15:54.755: 00 00 01 00 EA 9C C6 4C BA B9 F9 B6 DD C4 19 76*Mar 1 03:15:54.755: 51 5A 56 45*Mar 1 03:15:54.755:CDMA-RP:(req) process_rp_req, homeagent=5.0.0.2 coaddr=4.0.0.1*Mar 1 03:15:54.755: lifetime=0 id=AF3BFE6B-4616E475 IMSI=000000000000001*Mar 1 03:15:54.755:CDMA-RP:(req) rp_req_lifetime_zero 5.0.0.2-4.0.0.1-1*Mar 1 03:15:54.755: IMSI=000000000000001*Mar 1 03:15:54.755:CDMA-RP:(out) rp_reply session=5.0.0.2-4.0.0.1-1, lifetime=0*Mar 1 03:15:54.755:CDMA-RP:(out) Setup RP out message, ha=5.0.0.2 coa=4.0.0.1 key=1Router#debug cdma pdsn a11 event mnid 000000000000001Router#show debugCDMA:CDMA PDSN A11 events debugging is on for mnid 000000000000001Router#*Mar 1 03:09:34.339:CDMA-RP:len=8, 01-00-00-00-00-00-00-10 convert to 000000000000001 (15 digits), type=IMSI*Mar 1 03:09:34.339:CDMA-RP:(req) process_rp_req, homeagent=5.0.0.2 coaddr=4.0.0.1*Mar 1 03:09:34.339: lifetime=1800 id=AF3BFCEE-DC9FC751 IMSI=000000000000001*Mar 1 03:09:34.339:CDMA-RP:(req) rp_req_create, ha=5.0.0.2, coa=4.0.0.1, key=1 IMSI=000000000000001*Mar 1 03:09:34.339:CDMA-RP:(out) rp_reply session=5.0.0.2-4.0.0.1-1, lifetime=1800*Mar 1 03:09:34.339:CDMA-RP:(out) Setup RP out message, ha=5.0.0.2 coa=4.0.0.1 key=1*Mar 1 03:09:40.379:CDMA-RP:simple ip visitor added, mn=9.2.0.1, ha=0.0.0.0Router#close the sessionRouter#*Mar 1 03:10:00.575:CDMA-RP:len=8, 01-00-00-00-00-00-00-10 convert to 000000000000001 (15 digits), type=IMSI*Mar 1 03:10:00.575:CDMA-RP:(req) process_rp_req, homeagent=5.0.0.2 coaddr=4.0.0.1*Mar 1 03:10:00.575: lifetime=0 id=AF3BFD09-18040319 IMSI=000000000000001*Mar 1 03:10:00.575:CDMA-RP:(req) rp_req_lifetime_zero 5.0.0.2-4.0.0.1-1*Mar 1 03:10:00.575: IMSI=000000000000001*Mar 1 03:10:00.575:CDMA-RP:(out) rp_reply session=5.0.0.2-4.0.0.1-1, lifetime=0*Mar 1 03:10:00.575:CDMA-RP:(out) Setup RP out message, ha=5.0.0.2 coa=4.0.0.1 key=1Router#debug cdma pdsn a11 packet mnid 000000000000001Router#show debugCDMA:CDMA PDSN A11 packet debugging is on for mnid 000000000000001Router#*Mar 1 03:13:37.803:CDMA-RP:extension type=38, len=0*Mar 1 03:13:37.803:CDMA-RP:extension type=38, len=0*Mar 1 03:13:37.803:CDMA-RP:extension type=38, len=0*Mar 1 03:13:37.803:CDMA-RP:extension type=32, len=20*Mar 1 03:13:37.803: 00 00 01 00 A8 5B 30 0D 4E 2B 83 FE 18 C6 9D C2*Mar 1 03:13:37.803: 15 BF 5B 57*Mar 1 03:13:51.575:CDMA-RP:extension type=38, len=0*Mar 1 03:13:51.575:CDMA-RP:extension type=32, len=20*Mar 1 03:13:51.575: 00 00 01 00 58 77 E5 59 67 B5 62 15 17 52 83 6D*Mar 1 03:13:51.579: DC 0A B0 5Bdebug cdma pdsn accounting
To display debug messages for accounting events, use the debug cdma pdsn accounting command in privileged EXEC mode. debug cdma pdsn accounting
debug cdma pdsn accounting
no debug cdma pdsn accounting
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values.
Command History
Examples
The following is sample output from the debug cdma pdsn accounting command:
Router# debug cdma pdsn accountingCDMA PDSN accounting debugging is onRouter#*Jan 1 00:15:32:CDMA/ACCT:null vaccess in session_start*Jan 1 00:15:32:CDMA/ACCT: Current Attribute type:0x[1A] len:[9]*Jan 1 00:15:32:CDMA/ACCT: VSA Vid:5535 type:[44] len:[3] 01 Processing Y1*Jan 1 00:15:32:CDMA/ACCT: Setup airlink record received*Jan 1 00:15:32:CDMA/ACCT: Current Attribute type:0x[1A] len:[12]*Jan 1 00:15:32:CDMA/ACCT: VSA Vid:5535 type:[41] len:[6] 00 00 00 02 CDMA/ACCT: Processing Y2*Jan 1 00:15:32:CDMA/ACCT: Current Attribute type:0x[1A] len:[9]*Jan 1 00:15:32:CDMA/ACCT: VSA Vid:5535 type:[42] len:[3] 12 CDMA/ACCT: Processing Y3*Jan 1 00:15:32:CDMA/ACCT: Current Attribute type:0x[1F] len:[17] 30 30 30 30 30 30 30 30 30 30 30 30 30 30 32 Processing A1*Jan 1 00:15:32:CDMA/ACCT: Current Attribute type:0x[1A] len:[12]*Jan 1 00:15:32:CDMA/ACCT: VSA Vid:5535 type:[9] len:[6] 04 04 04 05 Processing D3*Jan 1 00:15:32:CDMA/ACCT: Current Attribute type:0x[1A] len:[14]*Jan 1 00:15:32:CDMA/ACCT: VSA Vid:5535 type:[10] len:[8] 00 00 04 04 04 05 Processing D4*Jan 1 00:15:32:CDMA/ACCT: Current Attribute type:0x[1A] len:[9]*Jan 1 00:15:32:CDMA/ACCT: VSA Vid:5535 type:[44] len:[3] 02 Processing Y1*Jan 1 00:15:32:CDMA/ACCT: Start airlink record received*Jan 1 00:15:32:CDMA/ACCT: Current Attribute type:0x[1A] len:[12]*Jan 1 00:15:32:CDMA/ACCT: VSA Vid:5535 type:[41] len:[6] 00 00 00 02 CDMA/ACCT: Processing Y2*Jan 1 00:15:32:CDMA/ACCT: Current Attribute type:0x[1A] len:[9]*Jan 1 00:15:32:CDMA/ACCT: VSA Vid:5535 type:[42] len:[3] 13 CDMA/ACCT: Processing Y3*Jan 1 00:15:32:CDMA/ACCT: Current Attribute type:0x[1A] len:[10]*Jan 1 00:15:32:CDMA/ACCT: VSA Vid:5535 type:[11] len:[4] 00 02 Processing E1*Jan 1 00:15:32:CDMA/ACCT: Current Attribute type:0x[1A] len:[10]*Jan 1 00:15:32:CDMA/ACCT: VSA Vid:5535 type:[12] len:[4] 00 F1 Processing F1debug cdma pdsn accounting flow
To display debug messages for accounting flow, use the debug cdma pdsn accounting flow command in privileged EXEC mode. To disable this function, use the no form of this command
debug cdma pdsn accounting flow
no debug cdma pdsn accounting flow
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values.
Command History
Examples
The following is sample output from the debug cdma pdsn accounting flow command:
Router# debug cdma pdsn acc flowCDMA PDSN flow based accounting debugging is onpdsn-6500#01:59:40:CDMA-SM:cdma_pdsn_flow_acct_upstream sess id 1 flow type 0 bytes 100 addr 20.20.20.101:59:40:CDMA-SM:cdma_pdsn_flow_acct_downstream sess id 1 flow type 0 bytes 100 addr 20.20.20.1debug cdma pdsn accounting time-of-day
To display the timer value, use the debug cdma pdsn accounting time-of-day command in privileged EXEC mode. To disable debug messages, use the no form of this command.
debug cdma pdsn accounting time-of-day
no debug cdma pdsn accounting time-of-day
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values.
Command History
Examples
The following is sample output from the debug cdma pdsn accounting time-of-day command:Router# debug cdma pdsn accounting time-of-dayCDMA PDSN accounting time-of-day debugging is onFeb 15 19:13:23.634:CDMA-TOD:Current timer expiring in 22 secondsFeb 15 19:13:24.194:%SYS-5-CONFIG_I:Configured from console by consoleRouter#Feb 15 19:13:45.635:CDMA-TOD:Timer expired...Rearming timerFeb 15 19:13:45.635:CDMA-TOD:Gathering session infoFeb 15 19:13:45.635:CDMA-TOD:Found 0 sessionsdebug cdma pdsn closed-rp
To display the error messages, event messages s and packets received, use the debug cdma pdsn closed-rp command in privileged EXEC mode. To disable debug messages, use the no form of this command.
debug cdma pdsn closed-rp [error | events | packets]
no debug cdma pdsn closed-rp [error | events | packets]
Syntax Description
error
Displays closed-rp error messages.
events
Displays closed-rp events.
packets
Displays closed-rp packets.
Defaults
No default behavior or values.
Command History
Examples
The following is sample output from the debug cdma pdsn closed-rp command:
Router#debug cdma pdsn closed-rp ?errors CDMA PDSN closed-rp errorsevents CDMA PDSN closed-rp eventspacket CDMA PDSN closed-rp packetdebug cdma pdsn cluster
To display the error messages, event messages and packets received, use the debug cdma pdsn cluster command in privileged EXEC mode. To disable debug messages, use the no form of this command.
debug cdma pdsn cluster {message [error | events | packets] redundancy [error | events | packets]}
no debug cdma pdsn cluster {message [error | events | packets] redundancy [error | events | packets]}
Syntax Description
Defaults
No default behavior or values.
Command History
Usage Guidelines
This debug is only allowed on PDSN c6-mz images, and helps to monitor cluster information.
Examples
The following is sample output from the debug cdma pdsn cluster command:
Router# debug cdma pdsn cluster ?message Debug PDSN cluster controller messagesredundancy Debug PDSN cluster controller redundancydebug cdma pdsn ipv6
To display IPV6 error or event messages, use the debug cdma pdsn IPV6 command in privileged EXEC mode. To disable debug messages, use the no form of this command.
debug cdma pdsn ipv6
no debug cdma pdsn ipv6
Syntax Description
There are no arguments or keywords for this command.
Defaults
No default behavior or values.
Command History
Usage Guidelines
The following example illustrates the debug cdma pdsn ipv6 command:
Router# debug cdma pdsn ipv6
debug cdma pdsn prepaid
To display debug messages about prepaid flow, use the debug cdma pdsn prepaid command in privileged EXEC mode. To disable debug messages, use the no form of this command.
debug cdma pdsn prepaid
no debug cdma pdsn prepaid
Syntax Description
There are no arguments or keywords for this command.
Defaults
No default behavior or values.
Command History
Usage Guidelines
The following is sample output from the debug cdma pdsn prepaid command:
Router# debug cdma pdsn prepaid*Jan 13 17:46:56: CDMA-PREPAID: Volume Threshold 1000 bytes reached for Quota Id 1, current quota usage 1000 bytes^M*Jan 13 17:46:56: CDMA-PREPAID: Preparing to send on-line Access Request^M*Jan 13 17:46:56: CDMA-PREPAID: Update Reason: Threshold Reached^M*Jan 13 17:46:56: CDMA-PREPAID: Added Username: mwtr_sip_user^M*Jan 13 17:46:56: CDMA-PREPAID: Added Message Authenticator attribute^M*Jan 13 17:46:56: CDMA-PREPAID: Added CLID: 00000000000002^M*Jan 13 17:46:56: CDMA-PREPAID: Added Service Option: 245^M*Jan 13 17:46:56: CDMA-PREPAID: Added Correlation ID: 0000001E^M*Jan 13 17:46:56: CDMA-PREPAID: Adding PrepaidAccountingQuota(PPAQ):^M*Jan 13 17:46:56: CDMA/PREPAID/AAA: PPAQ_QUOTA_ID_SUBTYPE[1]: value=1^M*Jan 13 17:46:56: CDMA/PREPAID/AAA: PPAQ_VOLUME_QUOTA_SUBTYPE[2]: value=1000^M*Jan 13 17:46:56: CDMA/PREPAID/AAA: PPAQ_VOLUME_QUOTA_OVERFLOW_SUBTYPE[3]: value=0^M*Jan 13 17:46:56: CDMA/PREPAID/AAA: PPAQ_VOLUME_THRESHOLD_OVERFLOW_SUBTYPE[5]: value=0^M*Jan 13 17:46:56: CDMA/PREPAID/AAA: PPAQ_UPDATE_REASON_SUBTYPE[8]: value=3^M------------------------------------------------------------------------------------------*Jan 13 17:46:56: CDMA-PREPAID: Received prepaid response: status 2^M*Jan 13 17:46:56: CDMA-PREPAID: AAA authorised params being processed in on-line Access Accept^M*Jan 13 17:46:56: CDMA-PREPAID: Attr received: addr^M*Jan 13 17:46:56: CDMA-PREPAID: Attr received: Framed-Protocol^M*Jan 13 17:46:56: CDMA-PREPAID: Attr received: service-type^M*Jan 13 17:46:56: CDMA-PREPAID: Attr received: routing^M*Jan 13 17:46:56: CDMA-PREPAID: Attr received: cdma-prepaid-accounting-capability^M*Jan 13 17:46:56: CDMA-PREPAID: Attr received: cdma-sess-term-capability^M*Jan 13 17:46:56: CDMA-PREPAID: Attr received: cdma-prepaid-accounting-quota^M*Jan 13 17:46:56: CDMA/PREPAID/AAA: AAA_AT_CDMA_PREPAID_ACCOUNTING_QUOTA^M*Jan 13 17:46:56: CDMA/PREPAID/AAA: PPAQ_QUOTA_ID_SUBTYPE[1]: value=1^M*Jan 13 17:46:56: CDMA/PREPAID/AAA: PPAQ_VOLUME_QUOTA_SUBTYPE[2]: value=4000^M*Jan 13 17:46:56: CDMA/PREPAID/AAA: PPAQ_VOLUME_THRESHOLD_SUBTYPE[4]: value=3000^M*Jan 13 17:46:56: CDMA-PREPAID: Volume Quota received: 4000 bytes with threshold 3000 bytes^M*Jan 13 17:46:56: CDMA-PREPAID: Access Accept received and retrieved attributes successfully^Mdebug cdma pdsn qos
To display debug messages about quality of service features, use the debug cdma pdsn qos command in privileged EXEC mode. To disable debug messages, use the no form of this command.
debug cdma pdsn qos [errors | events]
no debug cdma pdsn qos [errors | events]
Syntax Description
Defaults
There are no default values for this command.
Command History
debug cdma pdsn radius disconnect nai
To display debug messages about RADIUS disconnect functions, use the debug cdma pdsn radius disconnect nai command in Privileged EXEC mode. Use the no form of the command to disable debug messages.
debug cdma pdsn radius disconnect nai
no debug cdma pdsn radius disconnect nai
Syntax Description
There are no keywords or arguments for this command.
Defaults
There are no default values for this command.
Command Modes
EXEC mode
Command History
Examples
Here is sample output for the debug cdma pdsn radius disconnect nai command:
Jan 5 12:17:59.671: CDMA-POD: POD request receivedJan 5 12:17:59.671: CDMA-POD: NAI in POD request : mwtr-mip-sa2sp1-user1@ispxyz.comJan 5 12:17:59.671: CDMA-POD: IMSI in POD request : 00000000000201Jan 5 12:17:59.671: CDMA-POD: Delete flow for NAI: mwtr-mip-sa2sp1-user1@ispxyz.comJan 5 12:17:59.671: CDMA-POD: Delete flow for NAI: mwtr-mip-sa2sp1-user1@ispxyz.comdebug cdma pdsn redundancy attributes
To debug the PDSN session redundancy attributes, use the debug cdma pdsn redundancy attributes command.
debug cdma pdsn redundancy attributes
Syntax Description
There are no keywords or arguments for this command.
Defaults
There are no default values for this command.
Command Modes
EXEC mode
Command History
debug cdma pdsn redundancy errors
To debug the PDSN-SR redundancy aspect of errors, use the debug cdma pdsn redundancy errors command.
debug cdma pdsn redundancy errors
Syntax Description
There are no keywords or arguments for this command.
Defaults
There are no default values for this command.
Command Modes
EXEC mode
Command History
debug cdma pdsn redundancy events
To debug events for PDSN session redundancy, use the debug cdma pdsn redundancy events command.
debug cdma pdsn redundancy events
Syntax Description
There are no keywords or arguments for this command.
Defaults
There are no default values for this command.
Command Modes
EXEC mode
Command History
debug cdma pdsn redundancy packets
To debug and collect any data pertaining to PDSN-SR, use the debug cdma pdsn redundancy packets command.
debug cdma pdsn redundancy packets
Syntax Description
There are no keywords or arguments for this command.
Defaults
There are no default values for this command.
Command Modes
EXEC mode
Command History
debug cdma pdsn resource-manager
To display debug messages that help you monitor the resource-manager information, use the debug cdma pdsn resource-manager command in privileged EXEC mode. To disable debug messages, use the no form of this command.
debug cdma pdsn resource-manager [error | events]
no debug cdma pdsn resource-manager [error | events]
Syntax Description
Defaults
No default behavior or values.
Command History
Examples
The following is sample output from the debug cdma pdsn resource-manager command:
Router# debug cdma pdsn resource-manager ?errors CDMA PDSN resource manager errorsevents CDMA PDSN resource manager eventsdebug cdma pdsn selection
To display debug messages for the intelligent PDSN selection feature, use the debug cdma pdsn selection command in privileged EXEC mode. To disable debug messages, use the no form of this command.
debug cdma pdsn selection {errors | events | packets}
no debug cdma pdsn selection {errors | events | packets}
Syntax Description
errors
Displays pdsn selection errors.
events
Displays pdsn selection events.
packets
Displays transmitted or received packets.
Defaults
No default behavior or values.
Command History
Examples
The following is sample output from the debug cdma pdsn selection command with the keyword events specified:
Router#debug cdma pdsn selection eventsCDMA PDSN selection events debugging is onRouter#00:27:46: CDMA-PSL: Message(IN) pdsn 51.4.2.40 interface 70.4.2.4000:27:46: Keepalive 1000:27:46: Count 000:27:46: Capacity 1600000:27:46: Weight 000:27:46: Hostname 11 7206-PDSN-200:27:46: CDMA-PSL: Reset keepalive, pdsn 51.4.2.40 current 10 new 1000:27:46: CDMA-PSL: Message processed, pdsn 51.4.2.40 tsize 0 pendings 000:27:47: CDMA-PSL: Send KEEPALIVE, len 3200:27:47: CDMA-PSL: Message(OUT) dest 224.0.0.1100:27:47: Keepalive 1000:27:47: Count 100:27:47: Capacity 1600000:27:47: Weight 000:27:47: Hostname 11 7206-PDSN-100:27:47: CDMA-PSL: RRQ sent, s=70.4.1.40 (FastEthernet0/1), d=224.0.0.11debug cdma pdsn service-selection
To display debug messages for service selection, use the debug cdma pdsn service-selection command in privileged EXEC mode. To disable debug messages, use the no form of this command.
debug cdma pdsn service-selection
no debug cdma pdsn service-selection
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values.
Command History
Examples
The following is sample output from the debug cdma pdsn service-selection command:
Router# debug cdma pdsn service-selectionCDMA PDSN service provisioning debugging is onRouter#1d02h:%LINK-3-UPDOWN:Interface Virtual-Access3, changed state to up1d02h:Vi3 CDMA-SP:user_class=1, ms_ipaddr_req=1, apply_acl=01d02h:Vi3 CDMA-SP:Adding simple ip flow, user=bsip, mn=6.0.0.2,1d02h:%LINEPROTO-5-UPDOWN:Line protocol on Interface Virtual-Access3,changed state to updebug cdma pdsn session
To display debug messages for Session Manager errors, events, and packets, use the debug cdma pdsn session-manager command in privileged EXEC mode. To disable debug messages, use the no form of this command.
debug cdma pdsn session [errors | events ]
no debug cdma pdsn session [errors | events]
Syntax Description
Defaults
If the command is entered without any optional keywords, all of the types of debug information are enabled.
Command History
Examples
The following is sample output from the debug cdma pdsn session command:
Router# debug cdma pdsn session eventsCDMA PDSN session events debugging is onRouter# debug cdma pdsn session errorsCDMA PDSN session errors debugging is onRouter# show debugCDMA:CDMA PDSN session events debugging is onCDMA PDSN session errors debugging is onRouter#*Jan 1 00:22:27:CDMA-SM:create_session 5.5.5.5-4.4.4.5-2*Jan 1 00:22:27:CDMA-SM:create_tunnel 5.5.5.5-4.4.4.5*Jan 1 00:22:27:%LINK-3-UPDOWN:Interface Virtual-Access1, changed state to up*Jan 1 00:22:29:CDMA-SM:create_flow mn=0.0.0.0, ha=8.8.8.8 nai=l2tp2@cisco.com*Jan 1 00:22:30:%LINEPROTO-5-UPDOWN:Line protocol on Interface Virtual-Access1, changed state to updebug condition calling
To enable conditional debug feature for clustering, use the debug condition calling command in privileged EXEC mode. To remove the condition, use the no form of the command.
debug condition calling msid
no debug condition calling msid
Syntax Description
Defaults
When all the conditions are removed, the debugging information will appear without any filtering mechanism.
Command History
Examples
The following example illustrates how to enable conditional debugging for the clustering feature:
router# debug condition callingdebug condition username
To filter the output of the debug ip mobile command, use the debug condition username command to set the conditions. Use the no form of this command to remove the conditions.
debug condition username username
no debug condition username username
Syntax Description
Defaults
When all the conditions are removed, the debugging information will appear without any filtering mechanism.
Command History
Examples
The following example illustrates how to filter conditional debugging for the debug ip mobile command:
router# debug condition username user1debug ip mobile
Use the debug ip mobile command in privileged EXEC mode to display debugging information about the Mobile IP subsystem. Use the no form of the command to disable debugging functions.
debug ip mobile [advertise | local-area | proxy | redundancy | router]
no debug ip mobile [advertise | local-area | proxy | redundancy | router]
Syntax Description
Defaults
No default values.
Command History
12.0(1)T
This command was introduced.
12.3(8)XW
The local-area, proxy, redundancy, and router keywords were added.
Examples
The following is sample output from the debug ip mobile advertise command. Table 1 describes significant fields shown in the display.
Router# debug ip mobile advertiseMobileIP: Agent advertisement sent out Ethernet1/2: type=16, len=10, seq=1,lifetime=36000,flags=0x1400(rbhFmGv-rsv-),Care-of address: 68.0.0.31Prefix Length ext: len=1 (8 )Table 1 Debug IP Mobile Advertise Field Descriptions
debug ip mobile cdma ipsec
To enable debugging on the IS835 IPsec feature, use the debug ip mobile cdma ipsec command in privileged EXEC mode. To disable debugging for this feature, use the no form of the command.
debug ip mobile cdma ipsec
no debug ip mobile cdma ipsec
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values.
Command History
Examples
The following example illustrates how to issue the debug ip mobile cdma ipsec command:
router# debug ip mobile csma ipsecinterface cdma-Ix
To define the virtual interface for the R-P tunnels, use the interface cdma-Ix command in global configuration mode. To disable the interface, use the no form of this command.
interface cdma-Ix1
no interface cdma-Ix1
Syntax Description
Defaults
No default behavior or values.
Command Modes
Global Configuration
Command History
Usage Guidelines
The only interface level command allowed on the virtual interface is the IP address configuration.
Examples
The following example defines the virtual interface for the R-P tunnel and configures the IP address:
interface cdma-Ix1ip address 1.1.1.1 255.255.0.0Related Commands
ip mobile authentication ignore-spi
To enable MNs and Foreign Agents to use the SPI while calculating the authenticator value for Mobile-Home Auth or Foreign-Home authorization, use the ip mobile authentication ignore-spi global configuration command.
ip mobile authentication ignore-spi
Syntax Description
This command has no arguments or keywords.
Defaults
No default values.
Command Modes
Global configuration.
Command History
Examples
The following example illustrates the ip mobile authentication ignore-spi command:
Router# ip mobile authentication ignore-spi
ip mobile bindupdate
During an inter-PDSN handoff, to enable an HA to send a binding update message to an old FA to release the unused PPP session the FA is holding, use the ip mobile bindupdate global configuration command. To disable this configuration, use the no form of the command.
ip mobile bindupdate [acknowledge | maximum secs | minimum secs | retry value]
no ip mobile bindupdate [acknowledge | maximum secs | minimum secs | retry value]
Syntax Description
Defaults
No default values.
Command Modes
Global configuration.
Command History
Examples
The following example illustrates the ip mobile bindupdate command:
Router# ip mobile bindupdate
ip mobile cdma imsi dynamic
To enable the PDSN to delete the first call session for dynamic home address cases (1x-RTT to EVDO handoff where IMSI changes during the handoff), and allow the new session to come up, use the ip mobile cdma imsi dynamic command in global configuration mode. Use the no form of the command to disable this feature.
ip mobile cdma imsi dynamic
no ip mobile cdma imsi dynamic
Syntax Description
There are no arguments or keywords for this command.
Defaults
There are no default values for this command.
Command Modes
Global configuration
Command History
Examples
The following example illustrates how to issue the ip mobile cdma imsi dynamic command:
router(config)# ip mobile cdma imsi dynamic
ip mobile cdma ipsec
To enable IS835 IPSec security, use the ip mobile cdma ipsec command in global configuration mode. Use the no form of the command to disable this feature.
ip mobile cdma ipsec
no ip mobile cdma ipsec
Syntax Description
There are no arguments or keywords for this command.
Defaults
There are no default values for this command.
Command Modes
Global configuration
Command History
Usage Guidelines
This command is only present in crypto images for the 7200, and non-crypto images for the MWAM.
Examples
The following example illustrates how to enable IS835 IPsec on the PDSN:
router# ip mobile cdma ipsecip mobile foreign-agent
To enable foreign agent service, use the ip mobile foreign-agent global configuration command. To disable this service, use the no form of this command.
ip mobile foreign-agent [care-of interface | reg-wait seconds | local-timezone]
no ip mobile foreign-agent [care-of interface | reg-wait seconds | local-timezone]
Syntax Description
Defaults
Disabled.
Command Modes
Global configuration
Command History
12.0(1)T
This command was introduced.
12.2(2)XC
The local-timezone keyword was added.
Usage Guidelines
This command enables foreign agent service when at least one care-of address is configured. When no care-of address exists, foreign agent service is disabled.
The foreign agent is responsible for relaying the registration request to the home agent, setting up tunnel to the home agent, and forwarding packets to the mobile node. The show commands used to display relevant information are shown in parentheses in the following paragraph.
When a registration request comes in, the foreign agent will ignore requests when foreign agent service is not enabled on interface or no care-of address is advertised. If a security association exists for a visiting mobile node, the visitor is authenticated (show ip mobile secure visitor command). The registration bitflag is handled as described in Table 2 (show ip mobile interface command). The foreign agent checks the validity of the request. If successful, the foreign agent relays the request to the home agent, appending an FH authentication extension if a security association for the home agent exists. The pending registration timer of 15 seconds is started (show ip mobile visitor pending command). At most, five outstanding pending requests per mobile node are allowed. If a validity check fails, the foreign agent sends a reply with error code to the mobile node (reply codes are listed in Table 3). A security violation is logged when visiting mobile node authentication fails (show ip mobile violation command). (Violation reasons are listed in Table 9.)
When a registration reply comes in, the home agent is authenticated (show ip mobile secure home-agent command) if a security association exists for the home agent (IP source address or home agent address in reply). The reply is relayed to the mobile node.
When registration is accepted, the foreign agent creates or updates the visitor table, which contains the expiration timer. If no binding existed before this registration, a virtual tunnel is created, a host route to the mobile node via the interface (of the incoming request) is added to the routing table (show ip route mobile command), and an ARP entry is added to avoid sending ARP requests for the visiting mobile node. Visitor binding is removed (along with its associated host route, tunnel, and ARP entry) when the registration lifetime expires or deregistration is accepted.
When registration is denied, the foreign agent will remove the request from the pending registration table. The table and timers of the visitor will be unaffected.
When a packet destined for the mobile node arrives on the foreign agent, the foreign agent will de-encapsulates the packet and forwards it out its interface to the visiting mobile node, without sending ARP requests.
The care-of address must be advertised by the foreign agent. This is used by the mobile node to register with the home agent. The foreign agent and home agent use this address as the source and destination point of tunnel, respectively. The foreign agent is not enabled until at least one care-of address is available. The foreign agent will advertise on interfaces configured with the ip mobile foreign-service command.
Only care-of addresses with interfaces that are up are considered available.
Examples
The following example enables foreign agent service on interface Ethernet1, advertising 1.0.0.1 as the care-of address:
ip mobile foreign-agent care-of Ethernet0interface Ethernet0ip address 1.0.0.1 255.0.0.0interface Ethernet1ip mobile foreign-serviceRelated Commands
ip mobile foreign-service
To enable foreign agent service on an interface if care-of addresses are configured, use the ip mobile foreign-service interface configuration command. To disable this service, use the no form
of this command.ip mobile foreign-service [home-access acl] [limit number] [registration-required] [challenge {timeout value | window num | forward-mfce}] [reverse-tunnel [mandatory]]
no ip mobile foreign-service [home-access acl] [limit number] [registration-required] [challenge {timeout value | window num | forward-mfce}] [reverse-tunnel [mandatory]]
Syntax Description
Defaults
Disabled. Default is no limit to the number of visitors allowed on an interface. The default number of challenge values is 2.
Command Modes
Global configuration
Command History
12.0(1)T
This command was introduced.
12.1(3)XS
The challenge keyword and associated parameters were added.
12.2(2)XC
The reverse-tunnel keyword was added.
Usage Guidelines
This command enables foreign agent service on the interface. The foreign agent (F) bit will be set in the agent advertisement, which is appended to the IRDP router advertisement whenever the foreign agent or home agent service is enabled on the interface.
Note
Table 4 lists the advertised bitflags.
Examples
The following example enables foreign agent service for up to 100 visitors:
interface Ethernet 0ip mobile foreign-service limit 100 registration-requiredRelated Commands
ip mobile foreign-service revocation
To enable registration revocation support on the PDSN, use the ip mobile foreign-service revocation command in Global configuration. To disable this feature, use the no form of the command.
ip mobile foreign-service revocation [timeout value] [retransmit value] [timestamp msec]
Syntax Description
Defaults
The default value for timeout is 3 seconds, and the default value for retransmit is 3 seconds.
Command Modes
Global configuration
Command History
Usage Guidelines
The Registration Revocation feature requires that all the foreign-service configurations should be done globally, and not under the virtual-template interface.
Examples
The following example illustrates the ip mobile foreign-service revocation command:
Router(config)#ip mobile foreign-service revocation timeout 6 retransmit 10ip mobile prefix-length
To append the prefix-length extension to the advertisement, use the ip mobile prefix-length command in interface configuration mode. To restore the default, use the no form of this command.
ip mobile prefix-length
no ip mobile prefix-length
Syntax Description
This command has no arguments or keywords.
Defaults
The prefix-length extension is not appended.
Command Modes
Interface configuration
Command History
Usage Guidelines
The prefix-length extension is used for movement detection. When a mobile node registered with one foreign agent receives an agent advertisement from another foreign agent, the mobile node uses the prefix-length extension to determine whether the advertisements arrived on the same network. The mobile node needs to register with the second foreign agent if it is on a different network. If the second foreign agent is on the same network, reregistration is not necessary.
Examples
The following example appends the prefix-length extension to agent advertisements sent by a foreign agent:
ip mobile prefix-lengthRelated Commands
show ip mobile interface
Displays advertisement information for interfaces that are providing foreign agent service or are home links for mobile nodes.
ip mobile proxy-host
To locally configure the proxy Mobile IP attributes of the PDSN, use the ip mobile proxy-host global configuration command. To remove the configuration, use the no form of this command.
ip mobile proxy-host nai username@realm [flags rrq-flags] [home-agent homeagent] [home-addr home_address] [lifetime value] [local-timezone]
no ip mobile proxy-host nai username@realm [flags rrq-flags] [home-agent homeagent] [home-addr home_address] [lifetime value] [local-timezone]
Syntax Description
Defaults
No security association is specified.
Command Modes
Global configuration
Command History
Usage Guidelines
All proxy Mobile IP attributes can be retrieved from the AAA server. You can use this command to configure the attributes locally.
If only a realm is specified, the home address cannot be specified.
Examples
The following example shows the ip mobile proxy-host command:
ip mobile proxy-host nai MoIPProxy1@cisco.com flags 40 ha 3.3.3.1 lifetime 6000Related Commands
ip mobile registration-lifetime
To set the registration lifetime value advertised, use the ip mobile registration-lifetime command in interface configuration mode.
ip mobile registration-lifetime seconds
Syntax Description
Defaults
36000 seconds
Command Modes
Interface configuration
Command History
Usage Guidelines
This command allows an administrator to control the advertised lifetime on the interface. The foreign agent uses this command to control duration of registration. Visitors requesting longer lifetimes will be denied.
Examples
The following example sets the registration lifetime to 10 minutes on interface Ethernet 1 and 1 hour on interface Ethernet 2:
interface e1ip mobile registration-lifetime 600interface e2ip mobile registration-lifetime 3600Related Commands
show ip mobile interface
Displays advertisement information for interfaces that are providing foreign agent service or are home links for mobile nodes.
ip mobile secure
To specify the mobility security associations for the mobile host, visitor, home agent, foreign agent, and proxy host, use the ip mobile secure global configuration command. To remove the mobility security associations, use the no form of this command.
ip mobile secure {aaa-download | visitor | home-agent | proxy-host} {lower-address [upper-address] | nai string} {inbound-spi spi-in outbound-spi spi-out | spi spi} key {hex | ascii} string [replay timestamp [number] algorithm md5 mode prefix-suffix]
no ip mobile secure {aaa-download | visitor | foreign-agent | proxy-host} {lower-address [upper-address] | nai string} {inbound-spi spi-in outbound-spi spi-out | spi spi} key {hex | ascii} string [replay timestamp [num] algorithm md5 mode prefix-suffix]
Syntax Description
Defaults
No security association is specified.
Command Modes
Global configuration
Command History
12.0(1)T
This command was introduced.
12.2(2)XC
The proxy-host and nai keywords were added.
Usage Guidelines
The security association consists of the entity address, SPI, key, replay protection method, authentication algorithm, and mode.
The SPI is the 4-byte index that selects the specific security parameters to be used to authenticate the peer. The security parameters consist of the authentication algorithm and mode, replay attack protection method, timeout, and IP address.
On a home agent, the security association of the mobile host is mandatory for mobile host authentication. If desired, configure a foreign agent security association on your home agent. On a foreign agent, the security association of the visiting mobile host and security association of the home agent are optional. Multiple security associations for each entity can be configured.
If registration fails because the timestamp value is out of bounds, the time stamp of the home agent is returned so the mobile node can reregister with the time-stamp value closer to that of the home agent, if desired.
The nai keyword is only valid for a host, visitor, and proxy host. To configure security associations for proxy Mobile IP users, use the following form of the command:
ip mobile secure proxy-host nai string spi spi key {hex | ascii} string
Note
Examples
The following example shows mobile node 20.0.0.1, which has a key that is generated by the MD5 hash of the string:
ip mobile secure host 20.0.0.1 spi 100 key hex 12345678123456781234567812345678Related Commands
ip mobile tunnel
To specify the settings of tunnels created by Mobile IP, use the ip mobile tunnel interface configuration command.
ip mobile tunnel {crypto map map-name | route-cache | path-mtu-discovery | nat {inside | outside}}
Syntax Description
Defaults
Disabled.
Command Modes
Global configuration
Command History
Usage Guidelines
These commands are only available in ipsec images (K9).
Path MTU discovery is used by end stations to find a packet size that does not need fragmentation between them. Tunnels have to adjust their MTU to the smallest MTU interior to achieve this. This is described in RFC 2003.
The discovered tunnel MTU should be aged out periodically to possibly recover from case where sub-optimum MTU existed at time of discovery. It is reset to the outgoing interface's MTU.
Examples
The following example assigns and specifically names a crypto map:
router (config)#ip mobile tunnel crypto ?map Assign a Crypto Maprouter (config)#ip mobile tunnel crypto map ?WORD Crypto Map tagppp accm
To configure the Asynchronous Control Character Map (ACCM) to be negotiated with the mobile station, use the ppp accm command in interface configuration mode. To remove the configuration, use the no form of this command.
ppp accm number
no ppp accm
Syntax Description
number
Hexadecimal number identifying the ACCM. Possible values are 0 through FFFFFFFF. The default value is 000A0000.
Defaults
The default value is 000A0000.
Command Modes
Interface Configuration
Command History
Usage Guidelines
The ACCM is a four octet hexadecimal number that indicates the set of control characters to be mapped during transmission of AHDLC frames. During the LCP, each end of the PPP connection informs its peer the ACCM that should be used when transmitting the Asynchronous HDLC (AHDLC) frames. The TIA/EIA/IS-835-B requires that the PDSN propose an ACCM of 0x00000000. To be compliant with TIA/EIA/IS-835-B, "ppp accm 00000000" must be configured on the virtual template interface on Cisco PDSN.
Examples
The following example specifies that PDSN propose an ACCM of 0x00000000:
ppp accm 00000000Related Commands
ppp authentication
To enable CHAP, PAP or EAP, and to specify the order in which authentication is selected on the interface, use the ppp authentication command in interface configuration mode. To disable authentication, use the no form of this command.
ppp authentication {protocol1 [protocol2...] eap} [if-needed] [list-name | default] [callin] [one-time] [optional] [eap]
no ppp authentication
Syntax Description
Defaults
PPP authentication is not enabled.
Command Modes
Interface Configuration
Command History
Usage Guidelines
To configure Cisco PDSN in compliance with the TIA/EIA/IS-835-B standard, you must configure the PDSN virtual template as follows:
ppp authentication chap pap optionalExamples
The following example configures virtual-template interface 4:
interface virtual-template 4ip unnumbered loopback0ppp authentication chap pap optionalRelated Commands
service cdma pdsn
To enable PDSN service, use the service cdma pdsn command in global configuration mode. To disable PDSN service, use the no form of this command.
service cdma pdsn
no service cdma pdsn
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values.
Command Modes
Global Configuration
Command History
Usage Guidelines
This command must be configured to enable CDMA PDSN on the router.
Examples
The following example enables PDSN service:
service cdma pdsnRelated Commands
show cdma pdsn pcf brief
Displays a table of all PCFs that have R-P tunnels to the PDSN.
show cdma pdsn session
Displays PDSN session information.
show cdma pdsn
To display the status and current configuration of the PDSN gateway, use the show cdma pdsn command in privileged EXEC mode.
show cdma pdsn
Syntax Description
This command has no keywords or arguments.
Defaults
No default keywords or arguments.
Command Modes
Privileged EXEC
Command History
12.2(2)XC
This command was introduced.
12.3(8)XW
QoS and Prepaid output was included in the example.
12.3(8)XW1
Closed-RP output was included in the example.
Examples
The following example shows output from the show cdma pdsn command:
Router#show cdma pdsnPDSN software version 3.0, service is enabledA11 registration-update timeout 1 sec, retransmissions 5Mobile IP registration timeout 5 secA10 maximum lifetime allowed 1800 secGRE sequencing is onMaximum PCFs limit not setMaximum sessions limit not set (default 20000 maximum)SNMP failure history table size 100MSID Authentication is disabledIngress address filtering is disabledSending Agent Adv in case of IPCP Address Negotiation is disabledAllow CI_ADD option during IPCP Phase is disabledAging of idle users disabledRadius Disconnect Capability disabledClosed RP Capability not enabledNumber of pcfs connected 0,Number of pcfs 3GPP2-RP 0, Closed-RP 0,Number of sessions connected 0,Number of sessions 3GPP2-RP 0, Closed-RP 0,Number of sessions Active 0, Dormant 0,Number of sessions using HDLCoGRE 0, using PPPoGRE 0Simple IP flows 0, Mobile IP flows 0,Proxy Mobile IP flows 0, VPDN flows 0This example shows the new PPPoGRE counter statistics.
Router#show cdma pdsnPDSN software version 2.0, service is enabledA11 registration-update timeout 1 sec, retransmissions 5Mobile IP registration timeout 5 secA10 maximum lifetime allowed 65534 secGRE sequencing is onMaximum PCFs limit not setMaximum sessions limit not set (default 20000 maximum)SNMP failure history table size 100MSID Authentication is disabledIngress address filtering is disabledSending Agent Adv in case of IPCP Address Negotiation is disabledAllow CI_ADD option during IPCP Phase is disabledAging of idle users disabledRadius Disconnect Capability disabledClosed RP Capability not enabledNumber of pcfs connected 0,Number of sessions connected 0,Number of sessions using HDLCoGRE 0, using PPPoGRE 0Simple IP flows 0, Mobile IP flows 0,Proxy Mobile IP flows 0, VPDN flows 0The counter HDLCoGRE and PPPoGRE indicates number of sessions opened with AHDLC enabled and disabled respectively.
Router#show cdma pdsn sessionMobile Station ID IMSI 000000000000001PCF IP Address 13.1.102.17, PCF Session ID 1A10 connection time 00:00:07, registration lifetime 65534 secNumber of successful A11 re-registrations 0Remaining session lifetime 65526 secAlways-On not enabled for the userCurrent Access network ID 000D-0166-11Last airlink record received is Active Start, airlink is activeGRE protocol type is 0x880BGRE sequence number transmit 14, receive 0Using interface Virtual-Access2.1, status OPNService Option 1xEV-DOThis session has 1 flowFlow service Simple, NAI sip1Mobile Node IP address 11.112.1.0Packets in 0, bytes in 0Packets out 0, bytes out 0The GRE Protocol type field indicates if this is an PPPoGRE (0x880B) or HDLCoGRE (0x8881) session.
Cisco PDSN Release 3.0 adds the simple IPV6 information in the show output:
router# show cdma pdsnPDSN software version 3.0, service is enabledA11 registration-update timeout 1 sec, retransmissions 5Mobile IP registration timeout 60 secA10 maximum lifetime allowed 65535 secGRE sequencing is onMaximum PCFs limit not setMaximum sessions limit not set (default 20000 maximum)SNMP failure history table size 100MSID Authentication is disabledIngress address filtering is disabledSending Agent Adv in case of IPCP Address Negotiation is enabledAllow CI_ADD option during IPCP Phase is disabledAging of idle users disabledRadius Disconnect Capability disabledClosed RP Capability not enabledIPv6 feature enabledNumber of pcfs connected 1,Number of pcfs 3GPP2-RP 1, Closed-RP 0,Number of sessions connected 1,Number of sessions 3GPP2-RP 1, Closed-RP 0,Number of sessions Active 1, Dormant 0,Number of sessions using HDLCoGRE 1, using PPPoGRE 0Simple IP flows 1, Mobile IP flows 0,Proxy Mobile IP flows 0, VPDN flows 0router#Here is an example for the Cisco PDSN Release 3.5:
Router# show cdma pdsnPDSN software version 3.5, service is enabledA11 registration-update timeout 1 sec, retransmissions 5Mobile IP registration timeout 10 secA10 maximum lifetime allowed 65535 secGRE sequencing is onMaximum PCF's limit set to 2000Maximum sessions limit not set (default 974 maximum)SNMP failure history table size 100MSID Authentication is disabledIngress address filtering is disabledSending Agent Adv in case of IPCP Address Negotiation is enabledAllow CI_ADD option during IPCP Phase is disabledAging of idle users disabledRadius Disconnect Capability enabledNumber of pcfs connected 0,Number of pcfs 3GPP2-RP 0,Number of sessions connected 0,Number of sessions 3GPP2-RP 0,Number of sessions Active 0, Dormant 0,Number of sessions using HDLCoGRE 0, using PPPoGRE 0show cdma pdsn accounting
To display the accouting information for all sessions and the corresponding flows, use the show cdma pdsn accounting command in privileged EXEC mode.
show cdma pdsn accounting
Syntax Description
This command has no keywords or arguments.
Defaults
No default keywords or arguments.
Command Modes
Privileged EXEC
Command History
12.2(2)XC
This command was introduced.
12.3(14)YX
IPV6 UDR show output was added.
Usage Guidelines
The counter names appear in abbreviated format.
Examples
The following example shows output from the show cdma pdsn accounting command:
PDSN-6500#sh cdma pdsn accountingUDR for sessionsession ID: 12Mobile Station ID IMSI 123451234512357A - A1:123451234512357C - ' 'C3:0D - D3:4.0.0.11 D4:000000000000E - E1:0000F - F1:00F1 F2:00F2 F5:00F5 F6:F6 F7:F7 F8:F8 F9:F9 F10:FA F14:00G - G3:0 G8:0 G9:0 G10:0 G11:0 G12:0 G13:0 G14:655 G15:408 G16:378I - I1:0 I4:0Y - Y2:12UDR for flowMobile Node IP address 15.0.0.3B - B1:15.0.0.3 B2:mwts-mip-p1-user121@ispxyz.comC - ' 'C2:36D - D1:0.0.0.0F - F11:02 F12:01 F13:00G - G1:0 G2:0 G4:1023906326Packets- in:0 out:0UDR for flowMobile Node IP address 15.0.0.4B - B1:15.0.0.4 B2:mwts-mip-p1-user122@ispxyz.comC - ' 'C2:37D - D1:0.0.0.0F - F11:02 F12:01 F13:00G - G1:0 G2:0 G4:1023906326Packets- in:0 out:0UDR for flowMobile Node IP address 15.0.0.5B - B1:15.0.0.5 B2:mwts-mip-p1-user123@ispxyz.comC - ' 'C2:38D - D1:0.0.0.0F - F11:02 F12:01 F13:00G - G1:0 G2:0 G4:1023906326Packets- in:0 out:0UDR for sessionsession ID: 2Mobile Station ID IMSI 00000000003A - A1:00000000003C - ' 'C3:0D - D3:4.0.0.1 D4:000000000000E - E1:0000F - F1:00F1 F2:00F2 F5:00F5 F6:F6 F7:F7 F8:F8 F9:F9 F10:FA F14:00G - G3:0 G8:0 G9:0 G10:0 G11:0 G12:0 G13:0 G14:201 G15:0 G16:0I - I1:0 I4:0Y - Y2:2UDR for flowMobile Node IP address 6.0.0.5B - B1:6.0.0.5 B2:mwt10-sip-user1C - ' 'C2:39D - D1:0.0.0.0F - F11:01 F12:00 F13:00G - G1:0 G2:0 G4:1023906826Packets- in:0 out:0UDR for sessionsession ID: 3Mobile Station ID IMSI 00000000004A - A1:00000000004C - ' 'C3:0D - D3:4.0.0.1 D4:000000000000E - E1:0000F - F1:00F1 F2:00F2 F5:00F5 F6:F6 F7:F7 F8:F8 F9:F9 F10:FA F14:00G - G3:0 G8:0 G9:0 G10:0 G11:0 G12:0 G13:0 G14:241 G15:0 G16:0I - I1:0 I4:0Y - Y2:3UDR for flowMobile Node IP address 6.0.0.14B - B1:6.0.0.14 B2:mwt10-sip-user1C - ' 'C2:40D - D1:0.0.0.0F - F11:01 F12:00 F13:00G - G1:0 G2:0 G4:1023906826Packets- in:0 out:0PDSN-6500#Release 3.0 includes the following IPv6 UDR information:
•
•
•
UDR for sessionsession ID: 1Mobile Station ID IMSI 00000000000101A - A1:00000000000101 A2:C - C3:0D - D3:4.0.0.1 D4:000000000000E - E1:0000F - F1:00F1 F2:00F2 F5:00F5 F6:F6 F7:F7 F8:F8 F9:F9 F10:FA F14:00 F15:0G - G3:0 G8:0 G9:1 G10:0 G11:0 G12:0 G13:0 G14:530 G15:0 G16:0I - I1:0 I4:0Y - Y2:1UDR for flowMobile Node IP address 2001:420:10:0:211:20FF:FE43:61CB - B2:mwts-uc1-np-user1 B3: 2001:420:10:0 B4: 211:20FF:FE43:61CC - C1:0011 C2:7 C4:0D - D1:0.0.0.0F - F11:01 F12:00 F13:00G - G1:0 G2:0 G4:1131720576Packets- in:0 out:0show cdma pdsn accounting detail
To display accounting information for all sessions and the corresponding flows, and to display the counter names (along with the abbreviated names), use the show cdma pdsn accounting detail command in privileged EXEC mode.
show cdma pdsn accounting detail
Syntax Description
This command has no keywords or arguments.
Defaults
No default keywords or arguments.
Command Modes
Privileged EXEC
Command History
Examples
The following example shows output from the show cdma pdsn accounting detail command:
PDSN-6500#sh cdma pdsn accounting detailUDR for sessionsession ID: 12Mobile Station ID IMSI 123451234512357Mobile Station ID (A1) IMSI 123451234512357Session Continue (C3) ' ' 0Serving PCF (D3) 4.0.0.11 Base Station ID (D4) 000000000000User Zone (E1) 0000Forward Mux Option (F1) 241 Reverse Mux Option (F2) 242Service Option (F5) 245 Forward Traffic Type (F6) 246Reverse Traffix type (F7) 247 Fundamental Frame size (F8) 248Forward Fundamental RC (F9) 249 Reverse Fundamntal RC (F10) 250DCCH Frame Format (F14) 0Bad PPP Frame Count (G3) 0 Active Time (G8) 0Number of Active Transitions (G9) 0SDB Octet Count Terminating (G10) 0SDB Octet Count Originating (G11) 0Number of SDBs Terminating (G12) 0Number of SDBs Originating G13 0Number of HDLC Layer Bytes Received (G14) 655In-Bound Mobile IP Signalling Octet Count (G15) 408Out-bound Mobile IP Signalling Octet Count (G16) 378IP Quality of Service (I1) 0Airlink Quality of Service (I4) 0R-P Session ID (Y2) 12UDR for flowMobile Node IP address 15.0.0.3IP Address (B1) 15.0.0.3, Network Access Identifier (B2)mwts-mip-p1-user121@ispxyz.comCorrelation ID (C2) ' ' 36MIP Home Agent (D1) 0.0.0.0IP Technology (F11) 02 Compulsory Tunnel indicator (F12) 01Release Indicator (F13) 00Data Octet Count Terminating (G1) 0Data Octet Count Originating (G2) 0 Event Time G4:1023906326Packets- in:0 out:0UDR for sessionsession ID: 2Mobile Station ID IMSI 00000000003Mobile Station ID (A1) IMSI 00000000003Session Continue (C3) ' ' 0Serving PCF (D3) 4.0.0.1 Base Station ID (D4) 000000000000User Zone (E1) 0000Forward Mux Option (F1) 241 Reverse Mux Option (F2) 242Service Option (F5) 245 Forward Traffic Type (F6) 246Reverse Traffix type (F7) 247 Fundamental Frame size (F8) 248Forward Fundamental RC (F9) 249 Reverse Fundamntal RC (F10) 250DCCH Frame Format (F14) 0Bad PPP Frame Count (G3) 0 Active Time (G8) 0Number of Active Transitions (G9) 0SDB Octet Count Terminating (G10) 0SDB Octet Count Originating (G11) 0Number of SDBs Terminating (G12) 0Number of SDBs Originating G13 0Number of HDLC Layer Bytes Received (G14) 201In-Bound Mobile IP Signalling Octet Count (G15) 0Out-bound Mobile IP Signalling Octet Count (G16) 0IP Quality of Service (I1) 0Airlink Quality of Service (I4) 0R-P Session ID (Y2) 2UDR for flowMobile Node IP address 6.0.0.5IP Address (B1) 6.0.0.5, Network Access Identifier (B2)mwt10-sip-user1Correlation ID (C2) ' ' 39MIP Home Agent (D1) 0.0.0.0IP Technology (F11) 01 Compulsory Tunnel indicator (F12) 00Release Indicator (F13) 00Data Octet Count Terminating (G1) 0Data Octet Count Originating (G2) 0 Event Time G4:1023906826Packets- in:0 out:0UDR for sessionsession ID: 3Mobile Station ID IMSI 00000000004Mobile Station ID (A1) IMSI 00000000004Session Continue (C3) ' ' 0Serving PCF (D3) 4.0.0.1 Base Station ID (D4) 000000000000User Zone (E1) 0000Forward Mux Option (F1) 241 Reverse Mux Option (F2) 242Service Option (F5) 245 Forward Traffic Type (F6) 246Reverse Traffix type (F7) 247 Fundamental Frame size (F8) 248Forward Fundamental RC (F9) 249 Reverse Fundamntal RC (F10) 250DCCH Frame Format (F14) 0Bad PPP Frame Count (G3) 0 Active Time (G8) 0Number of Active Transitions (G9) 0SDB Octet Count Terminating (G10) 0SDB Octet Count Originating (G11) 0Number of SDBs Terminating (G12) 0Number of SDBs Originating G13 0Number of HDLC Layer Bytes Received (G14) 241In-Bound Mobile IP Signalling Octet Count (G15) 0Out-bound Mobile IP Signalling Octet Count (G16) 0IP Quality of Service (I1) 0Airlink Quality of Service (I4) 0R-P Session ID (Y2) 3UDR for flowMobile Node IP address 6.0.0.14IP Address (B1) 6.0.0.14, Network Access Identifier (B2)mwt10-sip-user1Correlation ID (C2) ' ' 40MIP Home Agent (D1) 0.0.0.0IP Technology (F11) 01 Compulsory Tunnel indicator (F12) 00Release Indicator (F13) 00Data Octet Count Terminating (G1) 0Data Octet Count Originating (G2) 0 Event Time G4:1023906826Packets- in:0 out:0PDSN-6500#show cdma pdsn accounting session
To display the accounting information for the session identified by the msid, and the accounting information for the flows tied to the session, use the show cdma pdsn accounting session command in privileged EXEC mode.
show cdma pdsn accounting session msid
Syntax Description
Defaults
No default keywords or arguments.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
The counter names appear in abbreviated format.
Examples
The following example shows output from the show cdma pdsn accounting session command:
PDSN-6500#show cdma pdsn accounting session 00000000004UDR for sessionsession ID: 3Mobile Station ID IMSI 00000000004A - A1:00000000004C - ' 'C3:0D - D3:4.0.0.1 D4:000000000000E - E1:0000F - F1:00F1 F2:00F2 F5:00F5 F6:F6 F7:F7 F8:F8 F9:F9 F10:FA F14:00G - G3:0 G8:0 G9:0 G10:0 G11:0 G12:0 G13:0 G14:241 G15:0 G16:0I - I1:0 I4:0Y - Y2:3UDR for flowMobile Node IP address 6.0.0.14B - B1:6.0.0.14 B2:mwt10-sip-user1C - ' 'C2:40D - D1:0.0.0.0F - F11:01 F12:00 F13:00G - G1:0 G2:0 G4:1023906826Packets- in:0 out:0PDSN-6500#show cdma pdsn accounting session detail
To display the accounting information (with counter names) for the session identified by the msid, and the accounting information for the flows tied to the session, use the show cdma pdsn accounting session detail command in privileged EXEC mode.
show cdma pdsn accounting session msid detail
Syntax Description
Defaults
No default keywords or arguments.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
The counter names appear in abbreviated format.
Examples
The following example shows output from the show cdma pdsn accounting session command:
PDSN-6500#sh cdma pdsn accounting session 00000000004 detailUDR for sessionsession ID: 3Mobile Station ID IMSI 00000000004Mobile Station ID (A1) IMSI 00000000004Session Continue (C3) ' ' 0Serving PCF (D3) 4.0.0.1 Base Station ID (D4) 000000000000User Zone (E1) 0000Forward Mux Option (F1) 241 Reverse Mux Option (F2) 242Service Option (F5) 245 Forward Traffic Type (F6) 246Reverse Traffix type (F7) 247 Fundamental Frame size (F8) 248Forward Fundamental RC (F9) 249 Reverse Fundamntal RC (F10) 250DCCH Frame Format (F14) 0Bad PPP Frame Count (G3) 0 Active Time (G8) 0Number of Active Transitions (G9) 0SDB Octet Count Terminating (G10) 0SDB Octet Count Originating (G11) 0Number of SDBs Terminating (G12) 0Number of SDBs Originating G13 0Number of HDLC Layer Bytes Received (G14) 241In-Bound Mobile IP Signalling Octet Count (G15) 0Out-bound Mobile IP Signalling Octet Count (G16) 0IP Quality of Service (I1) 0Airlink Quality of Service (I4) 0R-P Session ID (Y2) 3UDR for flowMobile Node IP address 6.0.0.14IP Address (B1) 6.0.0.14, Network Access Identifier (B2)mwt10-sip-user1Correlation ID (C2) ' ' 40MIP Home Agent (D1) 0.0.0.0IP Technology (F11) 01 Compulsory Tunnel indicator (F12) 00Release Indicator (F13) 00Data Octet Count Terminating (G1) 0Data Octet Count Originating (G2) 0 Event Time G4:1023906826Packets- in:0 out:0PDSN-6500#show cdma pdsn accounting session flow
To display the accounting information for a specific flow that is associated with the session identified by the msid, use the show cdma pdsn accounting session flow command in privileged EXEC mode.
show cdma pdsn accounting session msid flow {mn-ip-address IP_address }
Syntax Description
msid
The ID number of the mobile subscriber.
mn-ip-address ip_address
Specifies the IP addresses assigned to the mobile numbers in each session.
Defaults
No default keywords or arguments.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
The counter names appear in abbreviated format.
Examples
The following example shows output from the show cdma pdsn accounting session flow command:
PDSN-6500#show cdma pdsn accounting session 00000000004 flowmn-ip-address 6.0.0.14UDR for flowMobile Node IP address 6.0.0.14B - B1:6.0.0.14 B2:mwt10-sip-user1C - ' 'C2:40D - D1:0.0.0.0F - F11:01 F12:00 F13:00G - G1:0 G2:0 G4:1023906826Packets- in:0 out:0PDSN-6500#show cdma pdsn accounting session flow user
To display accounting information for a flow with username that is associated with the session identified by the msid, use the show cdma pdsn accounting session flow user command in privileged EXEC mode.
show cdma pdsn accounting session msid flow user username
Syntax Description
Defaults
No default keywords or arguments.
Command Modes
Privileged EXEC
Command History
Examples
The following example shows output from the show cdma pdsn accounting session flow user command:
PDSN-6500#show cdma pdsn accounting session 123451234512357 flow usermwts-mip-p1-user121@ispxyz.comUDR for flowMobile Node IP address 15.0.0.3B - B1:15.0.0.3 B2:mwts-mip-p1-user121@ispxyz.comC - ' 'C2:36D - D1:0.0.0.0F - F11:02 F12:01 F13:00G - G1:0 G2:0 G4:1023906326Packets- in:0 out:0PDSN-6500#show cdma pdsn ahdlc
To display AHDLC engine information, use the show cdma pdsn ahdlc command in privileged EXEC mode.
show cdma pdsn ahdlc slot_number channel [channel_id]
Syntax Description
Defaults
No default keywords or arguments.
Command Modes
Privileged EXEC
Command History
12.2(2)XC
This command was introduced.
12.2(8)BY
The possible values for channel ID were extended to 20000.
Examples
The following example shows output from the show cdma pdsn ahdlc command:
Router# show cdma pdsn ahdlc 0 channelCh id State Framing ACCM Deframing ACCM FCS size12 OPENED 00000000 00000000 1613 OPENED 00000000 00000000 1614 OPENED 00000000 00000000 16Router# show cdma pdsn ahdlc 0 channel 12Channel id = 12 State = OPENED Framing ACCM = 00000000Deframing ACCM = 00000000 FCS size = 16Framing input 153 bytes 7 paksFraming output 242 bytes 7 paks 0 errorsDeframing input 181 bytes 9 paksDeframing output 121 bytes 5 paks 0 errors0 Bad FCS 0 Escaped endshow cdma pdsn cluster controller
To display configuration and statistics for the PDSN cluster controller, use the show cdma pdsn cluster controller command in privileged EXEC mode.
show cdma pdsn cluster controller {closed rp | configuration | member | queueing | session | statistics}
Syntax Description
Defaults
No default keywords or arguments.
Command Modes
Privileged EXEC
Command History
Examples
The following example shows output from the show cdma pdsn cluster controller command:
Router# show cdma pdsn cluster controller sessionshow cdma pdsn cluster controller configuration
To display the IP addresses of the members that registered with a specific controller, use the show cdma pdsn cluster controller configuration command in privileged EXEC mode.
show cdma pdsn cluster controller configuration
Syntax Description
There are no arguments or keywords for this command.
Defaults
No default keywords or arguments.
Command Modes
Privileged EXEC
Command History
Examples
The following example shows output from the show cdma pdsn cluster controller configuration command:
Router# show cdma pdsn cluster controller configurationsh cdma pdsn cluster controller configcluster interface FastEthernet0/0no R-P signaling proxytimeout to seek member = 10 secondswindow to seek member is 2 timeouts in a row if no reply (afterwards the member is declared offline)this PDSN cluster controller is configuredcontroller redundancy:database in-sync or no need to syncgroup: sit_cluster1show cdma pdsn cluster controller member
To display detailed information about a specific cluster controller member, use the show cdma pdsn cluster controller member command in privileged EXEC mode.
show cdma pdsn cluster controller member ipaddr [ session | load | prohibited ]
Syntax Description
Defaults
No default keywords or arguments.
Command Modes
Privileged EXEC
Command History
12.2(8)BY
This command was introduced.
12.3(8)XW
The session keyword was added.
Examples
The following example shows output from the show cdma pdsn cluster controller member command:
Router# show cdma pdsn cluster controller member 1.2.3.4 sessionSession Rec ID: 00000100003 Member-Ack received: TRUE Age: 24 secsSession Rec ID: 00000100004 Member-Ack received: TRUE Age: 24 secsSession Rec ID: 00000100005 Member-Ack received: TRUE Age: 24 secsshow cdma pdsn cluster controller session
To display session count, or count by age, or one or a few oldest session records, or a session records corresponding to the IMSI entered and a few session records that arrived afterwards, use the show cdma pdsn cluster controller session command in privileged EXEC mode.
show cdma pdsn cluster controller session {count [age days] | oldest [more 1-20 records] | imsi BCDs [more 1-20 records]}
Syntax Description
Defaults
No default keywords or arguments.
Command Modes
Privileged EXEC
Command History
Examples
The following example shows output from the show cdma pdsn cluster controller session command:
Router# show cdma pdsn clu contr session imsi 00000000007IMSI Member IPv4 Addr Age [days] Anchor changes----------------------------------------------------------------00000000007 10.0.0.50----------------------------------------------------------------Router# show cdma pdsn clu contr session count10 session recordsRouter# show cdma pdsn clu contr session oldestIMSI Member IPv4 Addr Age [days] Anchor changes----------------------------------------------------------------00000000002 10.0.0.50----------------------------------------------------------------show cdma pdsn cluster controller statistics
To display the IP addresses of the members that registered with a specific controller, and to include new information that displays RRQ's forwarded from the controller for which there was no Session-Up/ Session-Down message received from the member, use the show cdma pdsn cluster controller statistics command in privileged EXEC mode.
show cdma pdsn cluster controller statistics
Syntax Description
There are no arguments or keywords for this command.
Defaults
No default keywords or arguments.
Command Modes
Privileged EXEC
Command History
Examples
The following example shows output from the show cdma pdsn controller statistics command:
Router# show cdma pdsn cluster controller statisticsSample Output:Controller-Member Interface:Cluster Reg Request rcvd 12, accepted 3, discarded 9Cluster Reg Request sent 0Cluster Reg Reply rcvd 0, accepted 0, discarded 0Cluster Reg message errors:Reg Request rcvd: Authentication failed 0, ID mismatch 9Unrecognized extension 0, Unrecognized application type 0Unrecognized data type 0Reg Reply rcvd: Authentication failed 0, ID mismatch 0Unrecognized extension 0Reg Req not sent: Interface cdma-Ix not configured 0Invalid Reg message type 0Controller seek requests rcvd 3, replies sent 3Member seek requests sent 0, replies rcvd 0Member state transition msgs rcvd 0, replies sent 0ready 0, Administratively prohibited 0Total A11 Reg Requests forwarded 0A11 Reg Requests orig forwarded 0, retry forwarded 0Session-Up from member 0, Session-Down from member 0No Acknowledgement from member 0Controller Redundancy Interface:Update rcvd 0 sent 6 orig sent 3 fail 0UpdateAck rcvd 1 sent 0DownloadReq rcvd 0 sent 11 orig sent 10 fail 0DownloadReply rcvd 11 sent 0 orig sent 0 fail 0 drop 0DownloadAck rcvd 0 sent 11 drop 0Errors: Authentication failed 0 ID mismatch 0Ignored due to no redundancy configuration 0show cdma pdsn cluster member
To display configuration and statistics for the PDSN cluster member, including information about RRQs forwarded to the controller member, use the show cdma pdsn cluster member command in privileged EXEC mode.
show cdma pdsn cluster member {configuration | queueing | statistics}
Syntax Description
Defaults
No default keywords or arguments.
Command Modes
Privileged EXEC
Command History
Examples
The following example shows output from the show cdma pdsn cluster member command:
Router# show cdma pdsn cluster member statisticsSample Output:Controller-Member Interface:Cluster Reg Request rcvd 10, accepted 10, discarded 0Cluster Reg Request sent 23Cluster Reg Reply rcvd 11, accepted 11, discarded 0Cluster Reg message errors:Reg Request rcvd: Authentication failed 0, ID mismatch 0Unrecognized extension 0, Unrecognized application type 0Unrecognized data type 0Reg Reply rcvd: Authentication failed 0, ID mismatch 0Unrecognized extension 0Reg Req not sent: Interface cdma-Ix not configured 0Invalid Reg message type 0Controller seek requests rcvd 10, replies sent 10Member seek requests sent 23, replies rcvd 11Member state transition msgs sent 0, replies rcvd 0ready 0, Administratively prohibited 0Session-Up msg sent 0, Session-Down msg sent 0Session-Up msg Ack rcvd 0, Session-Down msg Ack rcvd 0Controller seek not replied in sequence 0Member state not replied in sequence 0show cdma pdsn flow
To display flow-based summary of active sessions, and the flows and IP addresses assigned to the mobile numbers in each session, use the show cdma pdsn flow command in privileged EXEC mode.
show cdma pdsn flow {mn-ip-address ip_address | mn-ipv6-address address | prepaid | msid string | service-type | user string}
Syntax Description
Defaults
No default keywords or arguments.
Command Modes
Privileged EXEC
Command History
12.2(8)BY
This command was introduced.
12.3(14)YX
mn-ipv6-address output was introduced.
Examples
The following example shows output from the show cdma pdsn flow command:
Router# show cdma pdsn flowMSID NAI Type MN IP Address St100000000000099 sim1 Simple 100.4.1.1 ACT200000000000047 sim1 Simple 100.4.1.2 ACT100000000000100 sim1 Simple 100.4.1.40 ACT200000000000048 sim1 Simple 100.4.1.3 ACT100000000000101 sim1 Simple 100.4.1.5 ACT200000000000049 sim1 Simple 100.4.1.4 ACT100000000000102 sim1 Simple 100.4.1.6 ACT200000000000050 sim1 Simple 100.4.1.7 ACT100000000000103 sim1 Simple 100.4.1.9 ACT200000000000051 sim1 Simple 100.4.1.8 ACT100000000000104 sim1 Simple 100.4.1.11 ACT200000000000052 sim1 Simple 100.4.1.10 ACT100000000000105 sim1 Simple 100.4.1.12 ACT200000000000053 sim1 Simple 100.4.1.13 ACT300000000000008 sim1 Simple 100.4.1.14 ACT100000000000106 sim1 Simple 100.4.1.15 ACT200000000000054 sim1 Simple 100.4.1.16 ACT300000000000009 sim1 Simple 100.4.1.17 ACT100000000000107 sim1 Simple 100.4.1.19 ACT200000000000055 sim1 Simple 100.4.1.18 ACT100000000000122 sim1 Simple 100.4.1.21 ACT200000000000070 sim1 Simple 100.4.1.20 ACT300000000000025 sim1 Simple 100.4.1.22 ACT100000000000123 sim1 Simple 100.4.1.24 ACT200000000000071 sim1 Simple 100.4.1.23 ACT300000000000026 sim1 Simple 100.4.1.25 ACT100000000000124 sim1 Simple 100.4.1.26 ACT200000000000072 sim1 Simple 100.4.1.27 ACT300000000000027 sim1 Simple 100.4.1.28 ACT100000000000125 sim1 Simple 100.4.1.29 ACT200000000000073 sim1 Simple 100.4.1.30 ACT300000000000028 sim1 Simple 100.4.1.31 ACT100000000000126 sim1 Simple 100.4.1.33 ACT200000000000074 sim1 Simple 100.4.1.32 ACT300000000000029 sim1 Simple 100.4.1.34 ACT100000000000127 sim1 Simple 100.4.1.36 ACT200000000000075 sim1 Simple 100.4.1.35 ACT300000000000030 sim1 Simple 100.4.1.37 ACT100000000000128 sim1 Simple 100.4.1.39 ACT200000000000076 sim1 Simple 100.4.1.38 ACT300000000000101 sim1 Simple 100.4.1.41 ACT100000000000199 sim1 Simple 100.4.1.43 ACT200000000000147 sim1 Simple 100.4.1.42 ACT300000000000102 sim1 Simple 100.4.1.44 ACT100000000000200 sim1 Simple 100.4.1.46 ACT--More--A new option, mn-ipv6-address, is added in Release 3.0:
show cdma pdsn flow mn-ipv6-address ?X:X:X:X::X MN IPv6 addresspdsn2#$n flow mn-ipv6-address 2001:420:10:0:211:20FF:FE43:61CMSID NAI Type MN IP Address St00000000000101 mwts-uc1-np-user1 Simple-ipv6001:420:10:0:211:20FF:FE43:61C ACTshow cdma pdsn flow service
To display flow-based information for a specified service type in each session, use the show cdma pdsn flow service command in privileged EXEC mode.
show cdma pdsn flow service {mobile | proxy-mobile | simple | simple-ipv6}
Syntax Description
mobile
Specifies mobile service type.
proxy-mobile
Specifies the proxy-mobile service type.
simple
Specifies the simple service type .
simple-ipv6
Specifies the simple-IPv6 service type.
Defaults
No default keywords or arguments.
Command Modes
Privileged EXEC
Command History
12.2(8)BY
This command was introduced.
12.3(14)YX
simple-ipv6 output was introduced.
Examples
The following example shows output from the show cdma pdsn flow service simple-ipv6 command:
Router# show cdma pdsn flow service simple-ipv6MSID NAI Type MN IPAddress St00000000000101 mwts-uc1-np-user1 Simple-ipv62001:420:10:0:211:20FF:FE43:61C ACTshow cdma pdsn pcf
To display information about PCFs that have R-P tunnels to the PDSN, use the show cdma pdsn pcf command in privileged EXEC mode.
show cdma pdsn pcf {brief | ip_addr | secure}
Syntax Description
brief
Displays information about all PCFs with connected sessions.
ip_addr
Displays detailed PCF information by IP address.
secure
Displays the security associations for all PCFs on this PDSN.
Defaults
No default behavior or values.
Command Modes
Privileged EXEC
Command History
12.1(3)XS
This command was introduced.
12.2(2)XC
The parameters of this command were changed.
12.3(8)XW
The Closed-RP information was added to the example output
Examples
The following example shows output of the show cdma pdsn pcf command with the keyword brief specified, with an IP address specified, and with the keyword secure specified:
router# show cdma pdsn pcf briefPCF IP Address Sessions Pkts In Pkts Out Bytes In Bytes Out4.0.0.1 1 14 275 23 936Table 5 describes the fields shown in the output of the brief version of the command.
router# show cdma pdsn pcf 13.1.102.11PCF 13.1.102.11 has 1 sessionReceived 6 pkts (181 bytes), sent 12 pkts (504 bytes)PCF Session ID 2, Mobile Station ID IMSI 000000000000001A10 connection age 00:01:04A10 registration lifetime 65535 sec, time since last registration 28 secTable 6 describes the fields shown in the output of the command when an IP address is specified.
Router# show cdma pdsn pcf secureSecurity Associations (algorithm, replay protection, key):default:spi 300, Timestamp +/- 60, key ascii foo4.0.0.1:spi 100, Timestamp +/- 60, key ascii testspi 200, Timestamp +/- 60, key ascii foo4.0.0.2:spi 100, Timestamp +/- 0, key ascii testspi 400, Timestamp +/- 0, key hex 123456789012345678901234567890124.0.0.3:spi inbound 100 outbound 200, Timestamp +/- 0, key ascii testTable 7 describes the fields shown in the output of the command when the keyword secure is specified.
show cdma pdsn redundancy
To show whether or not the PDSN redundancy feature is enabled or not, use the show cdma pdsn redundancy command in Privileged EXEC mode.
Syntax Description
This command has no keywords or arguments.
Defaults
No default keywords or arguments.
Command Modes
Privileged EXEC
Command History
Examples
The following example illustrates the output for the show cdma pdsn redundancy command:
router# show cdma pdsn redundancyCDMA PDSN Redundancy is enabledCDMA PDSN Session Redundancy system statusPDSN state = ACTIVEPDSN-peer state = STANDBY HOTCDMA PDSN Session Redundancy StatisticsLast clearing of cumulative counters neverSynced to standby Currentsince peer up ConnectedSessions 1 2SIP Flows 0 0MIP Flows 1 0PMIP Flows 0 0show cdma pdsn redundancy statistics
To display a variety of information about the sessions and the associated flows that have been/are synchronized to/from the standby/active, use show cdma pdsn redundancy statistics command in privileged EXEC mode.
show cdma pdsn redundancy statistics
Syntax Description
This command has no keywords or arguments.
Defaults
No default keywords or arguments.
Command Modes
Privileged EXEC
Command History
12.2(2)XC
This command was introduced.
12.3(8)XW
Prepaid output was included in examples.
Usage Guidelines
show cdma pdsn redundancy statistics will be hidden until service internal is configured.
Examples
The following output is displayed with the show cdma pdsn redundancy statistics command:
Router# show cdma pdsn redundancy statisticsLast clearing of cumulative counters never Number of messages sent to standby:Session EventsUp 10, Down 39, Reregistration 0Handoff 0, PPP renegotiation 0Flow EventsSimple IP Up 1, Down 1Mobile IP Up 7, Down 7Proxy Mobile IP Up 2, Down 2Accouting EventsUpdate 0, Flow Start0, Stop 0Active to Dormant 0, Dormant to Active 0show cdma pdsn resource
To display AHDLC resources allocated in resource manager, use the show cdma pdsn resource command in privileged EXEC mode.
show cdma pdsn resource [slot_number [ahdlc-channel [channel_id]]]
Syntax Description
slot_number
(Optional) Slot number of the AHDLC of interest.
ahdlc-channel [channel_id]
(Optional) Channel on the AHDLC. If no channel is specified, information for all channels is displayed.
Defaults
The c6500-c5 image supports 8000 sessions and the c6500-c6 image supports 20000 sessions.
Command Modes
Privileged EXEC
Command History
12.2(2)XC
This command was introduced.
12.2(8)BY
The possible values for channel ID was extended to 20000.
Examples
The following example shows output from the show cdma pdsn resource command:
Router# show cdma pdsn resourceResource allocated/available in the resource managerslot 0:AHDLC Engine Type:CDMA HDLC ENGINEEngine is ENABLEDtotal channels:16000, available channels:16000Router#show cdma pdsn resource 0 ahdlc-channel 0AHDLC Channel 0 State CLOSEDshow cdma pdsn session
To display the session information on the PDSN, use the show cdma pdsn session command in privileged EXEC mode.
show cdma pdsn session [brief | always-on | dormant | mn-ip-address address | mn-ipv6-address address | msid number | user nai | prepaid]
Syntax Description
Defaults
No default behavior or values.
Command Modes
Privileged EXEC
Command History
Examples
The following example shows output of the show cdma pdsn session command:
Router#show cdma pdsn sessionMobile Station ID IMSI 00000000001PCF IP Address 13.1.102.11, ID local 31994, remote 18555Session ID local 2, remote 17, state establishedA10 connection time 00:00:07, registration lifetime 65535 secNumber of successful A11 re-registrations 0Remaining session lifetime INFINITECurrent Access network ID 000D-010A-6ALast airlink record received is Active Start, airlink is activeGRE sequence number transmit 7, receive 0Using interface Virtual-Access2.1, status ACTUsing AHDLC engine on slot 0, channel ID 0Service Option UndefinedPolicier Upstream CIR(bps) 8000,Normal Burst(bytes) 4000,Excess Burst(bytes) 8000Downstream CIR(bps) 8000,Normal Burst(bytes) 4000,Excess Burst(bytes) 8000This session has 1 flowFlow service Simple, NAI nai-qos1Mobile Node IP address 11.2.1.1Packets in 0, bytes in 0Packets out 0, bytes out 0Quota Details of Prepaid Service based on Volume:Quota Id : 257Allocated: 50000 bytesThreshold: 40000 bytesConsumed : 20000 bytesQuota Details of Prepaid Service based on Duration:Quota Id : 4522002Allocated: 60 secThreshold: 45 secConsumed : 41 secQos Allowed Diffserv class A,E,OMax Class Selection Marking 40Reverse Tunneling Marking 26Cisco PDSN Release 3.0 adds the following Simple IPV6 information:
Router#show cdma pdsn sessionMobile Station ID IMSI 00000000000101PCF IP Address 4.0.0.1, PCF Session ID 1A10 connection time 00:03:55, registration lifetime 65535 secNumber of successful A11 re-registrations 0Remaining session lifetime INFINITEAlways-On not enabled for the userCurrent Access network ID 0004-0000-01Last airlink record received is Active Start, airlink is activeGRE protocol type is 0x8881GRE sequence number transmit 11, receive 0Using interface Virtual-Access2.1, status OPNUsing AHDLC engine on slot 0, channel ID 5Service Option UndefinedThis session has 1 flowFlow service Simple-ipv6, NAI mwts-uc1-np-user1Mobile Node IPv6 address 2001:420:10:0:211:20FF:FE43:61CIPv6 Packets in 0, bytes in 0IPv6 Packets out 0, bytes out 0router#This example shows the PDSN 3.5 session related subscriber QoS profile and policing details:
Router#show cdma pdsn sessionMobile Station ID IMSI 123456789123457PCF IP Address 5.1.1.46, PCF Session ID 1A10 connection time 119:19:10, registration lifetime 1800 secNumber of successful A11 re-registrations 357Remaining session lifetime 650 secAlways-On not enabled for the userCurrent Access network ID 0005-0101-2ELast airlink record received is Unknown, airlink is activeGRE protocol type is 0x8881GRE sequence number transmit 9, receive 7Using interface Virtual-Access2.1, status OPNUsing AHDLC engine on slot 0, channel ID 4381Service Option Ev-DOPolice Downstream CIR(bps) 8000,Normal Burst(bytes) 1500, Excess Burst(bytes) 3000Packets Conformed 0 Exceeded 0 Dropped packets 0This session has 1 flowSession Airlink State ActiveQoS Parameters:Max Aggregate Bandwidth: 8000Home Area : 10Inter User Priority : 15Flow service Simple, NAI NAI gSIP1@xxx.comMobile Node IP address 32.1.35.203Packets in 0, bytes in 0Packets out 0, bytes outshow cdma pdsn statistics
To display VPDN, PPP, RP interface, Closed-RP interface and error statistics for the PDSN, use the show cdma pdsn statistics command in privileged EXEC mode.
show cdma pdsn statistics [ahdlc | rp [pcf ip address] | closed-rp [pcf ip address] | error] [ppp [pcf ip address] [radius disconnect]]
Syntax Description
Defaults
No default behavior or values.
Command Modes
Privileged EXEC
Command History
Examples
The following example shows output of the show cdma pdsn statistics command:
router# show cdma pdsn statisticsRP Interface:Reg Request rcvd 23, accepted 22, denied 1, discarded 0Initial Reg Request accepted 4, denied 0Re-registration requests accepted 14, denied 0De-registration accepted 4, denied 0Error: Unspecified 23, Administratively prohibited 0Resource unavailable 4, Authentication failed 4Identification mismatch 2, Poorly formed requests 2Unknown PDSN 2, Reverse tunnel mandatory 22Reverse tunnel unavailable 1, Bad CVSE 0Update sent 2, accepted 2, denied 0, not acked 0Initial Update sent 2, retransmissions 0Acknowledge received 2, discarded 0Update reason lifetime expiry 1, PPP termination 0, other 1Error: Unspecified 23 Administratively prohibited 0Authentication failed 4, Identification mismatch 4Poorly formed request 2PPP:Current Connections 0Connection requests 4, success 4, failure 0Failure reason LCP 0, authentication 0, IPCP 3Connection enters stage LCP 4, Auth 4, IPCP 7Renegotiation total 0, by PDSN 0, by Mobile Node 0Renegotiation reason LCP/IPCP 0, address mismatch 0, other 0CHAP attempt 4, success 4, failure 0PAP attempt 0, success 0, failure 0MSCHAP attempt 0, success 0, failure 0EAP attempt 0, success 0, failure 0Release total 4, by PDSN 4, by Mobile Node 0Release by ingress address filtering 0Release reason: administrative 1, LCP termination 0, idle timeout 0L2TP tunnel NOT READY YETinsufficient resources 0, session timeout 0service unavailable 0, other 0Connection negotiated compression 0Compression Microsoft 0, Stack 0, other 0Connections negotiated MRRU 0, IPX 0, IP 4Connections negotiated VJ-Compression 0, BAP 0PPP bundles 0VPDN Flows:A11 registration-update timeout 1 sec, retransmissions 5Mobile IP registration timeout 5 secA10 maximum lifetime allowed 65535 secGRE sequencing is onMaximum PCFs limit not setMaximum sessions limit not set (default 20000 maximum)SNMP failure history table size 100MSID Authentication is disabledIngress address filtering is disabledSending Agent Adv in case of IPCP Address Negotiation is disabledAging of idle users disabledNumber of pcfs connected 1Number of sessions connected 29,Simple IP flows 10, Mobile IP flows 9,Proxy Mobile IP flows 0, VPDN flows 10AHDLC:PDSN#show cdma pdsn statistics ahdlcslot 0:AHDLC Engine Type: CDMA HDLC SW ENGINEEngine is ENABLEDtotal channels: 8000, available channels: 8000Framing input 0 bytes, 0 paksFraming output 0 bytes, 0 paksFraming errors 0, insufficient memory 0,queue overflow 0, invalid size 0Deframing input 0 bytes, 0 paksDefaming output 0 bytes, 0 paksDeframing errors 0, insufficient memory 0,queue overflow 0, invalid size 0, CRC errors 0RADIUS Disconnect:router#show cdma pdsn statistics radius disconnectRADIUS DISCONNECT:Disconnect Request rcvd 0, accepted 0Disconnect Request Errors:Unsupported Attribute 0, Missing Attribute 0Invalid Request 0, NAS Id Mismatch 0Session Cxt Not Found 0, Administratively Prohibited 0In R3.0, the show cdma pdsn statistics command has been enhanced to include Closed-RP statistics. Here is a sample output:
PDSN#show cdma pdsn statistics ?ahdlc AHDLC informationclosed-rp CDMA PDSN closed-rp statisticsppp CDMA PDSN ppp statisticsprepaid CDMA PDSN prepaid statisticsradius CDMA PDSN traffic statisticsrp CDMA PDSN RP statistics| Output modifiers<cr>PDSN#show cdma pdsn statisticsLast clearing of `show cdma pdsn statistics' counters neverRP Interface:Reg Request rcvd 0, accepted 0, denied 0, discarded 0Initial Reg Request rcvd 0, accepted 0, denied 0, discarded 0Re-registration requests rcvd 0, accepted 0, denied 0, discarded 0Re-registration requests containing Active-Start 0, Active-Stop 0Handoff requests rcvd 0, accepted 0, denied 0, discarded 0De-registration rcvd 0, accepted 0, denied 0, discarded 0De-registration Reg Request with Active-Stop 0Registration Request Errors:Unspecified 0, Administratively prohibited 0Resource unavailable 0, Authentication failed 0Identification mismatch 0, Poorly formed requests 0Unknown PDSN 0, Reverse tunnel mandatory 0Reverse tunnel unavailable 0, Bad CVSE 0Update sent 0, accepted 0, denied 0, not acked 0Initial Update sent 0, retransmissions 0Acknowledge received 0, discarded 0Update reason lifetime expiry 0, PPP termination 0, other 0Registration Update Errors:Unspecified 0, Identification mismatch 0Authentication failed 0, Administratively prohibited 0Poorly formed request 0Handoff statistics:Inter PCF handoff active 0, dormant 0Update sent 0, accepted 0, denied 0, not acked 0Initial Update sent 0, retransmissions 0Acknowledge received 0, discarded 0De-registration accepted 0, denied 0Handoff Update Errors:Unspecified 0, Identification mismatch 0Authentication failed 0, Administratively prohibited 0Poorly formed request 0RP Session Update statistics:Update sent 0, accepted 0, denied 0, not acked 0Initial Update sent 0, retransmissions 0Acknowledge received 0, discarded 0Sent reasons Always On 0, RN-PDIT 0RP Session Update Errors:Unspecified 0, Identification mismatch 0Authentication failed 0, Session parameters not updated 0Poorly formed request 0Service Option:PPP:Current Connections 0Connection requests 0, success 0, failure 0, aborted 0Connection enters stage LCP 0, Auth 0, IPCP 0Connection success LCP 0, AUTH 0, IPCP 0Failure reason LCP 0, authentication 0, IPCP 0, other 0Failure reason lower layer disconnect 0A10 release before LCP nego by PDSN 0, by PCF 0LCP StageFailure Reasons Options 0, MaxRetry 0, Unknown 0LCP Term Req during LCP nego sent 0, rcvd 0A10 release during LCP nego by PDSN 0, by PCF 0Auth StageCHAP attempt 0, success 0, failure 0, timeout 0PAP attempt 0, success 0, failure 0, timeout 0MSCHAP attempt 0, success 0, failure 0, timeout 0EAP attempt 0, success 0, failure 0MSID attempt 0, success 0, failure 0AAA timeouts 0, Auth timeouts 0, Auth skipped 0LCP Term Req during Auth nego sent 0, rcvd 0A10 release during Auth nego by PDSN 0, by PCF 0IPCP StageFailure Reasons Options 0, MaxRetry 0, Unknown 0Options failure reason MN Rejected IP Address 0LCP Term Req during IPCP nego sent 0, rcvd 0A10 release during IPCP nego by PDSN 0, by PCF 0CCP StageConnection negotiated compression 0Compression type Microsoft 0, Stac 0, other 0Connections negotiated MRRU 0, IPX 0, IP 0Connections negotiated VJ-Compression 0, BAP 0PPP bundles 0Connections failed to negotiate compression 0Renegotiation total 0, by PDSN 0, by Mobile Node 0Renegotiation success 0, failure 0, aborted 0Renegotiation reason: address mismatch 0, lower layer handoff 0GRE key change 0, other 0Release total 0, by PDSN 0, by Mobile Node 0Release by ingress address filtering 0Release reason: administrative 0, LCP termination 0Idle timeout 0, echo missed 0L2TP tunnel 0, insufficient resources 0Session timeout 0, service unavailable 0De-Reg from PCF 0, lifetime expiry 0, other 0Echo statsRequest sent 0, resent 0, max retransmit timeout 0Response rcvd 0Discarded PacketsUnknown Protocol Errors 0, Bad Packet Length 0slot 0:AHDLC Engine Type: CDMA HDLC SW ENGINEEngine is ENABLEDtotal channels: 20000, available channels: 20000Framing input 0 bytes, 0 paksFraming output 0 bytes, 0 paksFraming errors 0, insufficient memory 0, queue overflow 0Invalid size 0Deframing input 0 bytes, 0 paksDefaming output 0 bytes, 0 paksDeframing errors 0, insufficient memory 0, queue overflow 0Invalid size 0, CRC errors 0Bandwidth policing:Policing installed 0 failure 0 uninstalled 0ClosedRP Interface:Control packets rcvd 0, sent 0, resent 0, dropped 0ZLB rcvd 0, sent 0, resent 0, dropped 0SCCRQ rcvd 0, sent 0, resent 0, dropped 0SCCRP rcvd 0, sent 0, resent 0, dropped 0SCCCN rcvd 0, sent 0, resent 0, dropped 0StopCCN rcvd 0, sent 0, resent 0, dropped 0CDN rcvd 0, sent 0, resent 0, dropped 0Hello rcvd 0, sent 0, resent 0, dropped 0ICRQ rcvd 0, sent 0, resent 0, dropped 0ICRP rcvd 0, sent 0, resent 0, dropped 0ICCN rcvd 0, sent 0, resent 0, dropped 0show cdma pdsn statistics prepaid
To display statistics related to all prepaid enabled flows, use the show cdma pdsn statistics prepaid command in Privileged EXEC mode.
show cdma pdsn statistics prepaid
Syntax Description
This command has no keywords or arguments.
Defaults
No default keywords or arguments.
Command Modes
Privileged EXEC
Command History
Examples
Here is sample output of the show cdma pdsn statistics prepaid command:
router# show cdma pdsn statistics prepaidPrepaid-related statistics:Total prepaid flows opened: 0Volume-based 0, Duration-based 0Simple IP 0, VPDN 0, Proxy Mobile IP 0, Mobile IP 0Total online Access Requests sent 0Total online Access Response received 0Accepted 0, Discarded 0, Timeout 0Online Access Requests sent with Update Reason:Pre-Initialization 0Initial Request 0Threshold Reached 0Quota Reached 0Remote Forced Disconnect 0Client Service Termination 0Main SI Released 0SI not established 0Tariff Switch Update 0show ip mobile cdma ipsec
To display if IS835 IPSec security is enabled, use the show ip mobile cdma ipsec command in EXEC mode.
show ip mobile cdma ipsec
Syntax Description
There are no arguments or keywords for this command.
Command Modes
EXEC
Command History
Usage Guidelines
This command is only present in crypto images for the 7200, and non-crypto images for the MWAM.
Examples
The following example illustrates how to enable the show ip mobile cdma ipsec command:
router# show ip mobile cdma ipsec
show ip mobile cdma ipsec profile
To display the crypto profile configured for IPsec, use the show ip mobile cdma ipsec profile command in EXEC mode.
show ip mobile cdma ipsec profile
Syntax Description
There are no arguments or keywords for this command.
Command Modes
EXEC
Command History
Usage Guidelines
This command is only present in crypto images for the 7200, and non-crypto images for the MWAM.
Examples
The following example illustrates how to enable the show ip mobile cdma ipsec profile command:
router# show ip mobile cdma ipsec profile
show ip mobile proxy
To display information about a proxy Mobile IP host, use the show ip mobile proxy EXEC command.
show ip mobile proxy [host [nai string] | registration | traffic]
Syntax Description
Command Modes
EXEC
Command History
Usage Guidelines
None.
Examples
The following is sample output from the show ip mobile proxy host command:
Router# show ip mobile proxy hostProxy Host List:MoIPProxy1@cisco.com:Home Agent Address 3.3.3.1Lifetime 6000Flags :sBdmgvtshow ip mobile secure
To display the mobility security associations for the mobile host, mobile visitor, foreign agent, home agent, or proxy Mobile IP host use the show ip mobile secure EXEC command.
show ip mobile secure {home-agent | summary | visitor}
Syntax Description
home-agent
Displays Home agent security associations.
summary
Displays a summary of all security associations.
visitor
Displays Mobile visitor security associations.
Command Modes
EXEC
Command History
12.0(1)T
This command was introduced.
12.2(2)XC
The nai and proxy-host keywords were added.
12.x(x)xx
The nai and proxy-host keywords were deleted.
Usage Guidelines
Multiple security associations can exist for each entity.
Examples
The following is sample output from the show ip mobile secure command:
Router# show ip mobile secure summarySecurity Associations (algorithm,mode,replay protection,key):20.0.0.6SPI 300, MD5, Prefix-suffix, Timestamp +/- 7,Key 00112233445566778899001122334455Table 8 describes the significant fields shown in the display.
show ip mobile traffic
To display Foreign Agent protocol counters, use the show ip mobile traffic EXEC command.
show ip mobile traffic
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
Usage Guidelines
Counters can be reset to zero (0) using the clear ip mobile traffic command, which also allows you to undo the reset.
Examples
The following is sample output from the show ip mobile traffic command:
Router# show ip mobile trafficIP Mobility traffic:Advertisements:Solicitations received 102Advertisements sent 13758, response to solicitation 102Foreign Agent Registrations:Register requests rcvd 8580, valid 7243, forwarded 7243, denied 1009, ignored 328Register requests valid initial 7242, re-register 0, de-register 1Register requests forwarded initial 7242, re-register 0, de-register 1Register requests denied initial 1009, re-register 0, de-register 0Register requests ignored initial 0, re-register 0, de-register 0Register replies rcvd 7242, forwarded 7234, bad 0, ignored 8Register replies rcvd initial 7241, re-register 0, de-register 1Register replies forwarded initial 7233, re-register 0, de-register 1Registration Errors:Unspecified 1005, HA unreachable 0Administrative prohibited 0, No resource 0Bad lifetime 0, Bad request form 0Unavailable encapsulation 0, Compression 0Unavailable reverse tunnel 0, Reverse tunnel mandatory 0Authentication failed MN 4, HA 0Received challenge/gen. authentication extension, feature not enabled 0Unknown challenge 1001, Missing challenge 0, Stale challenge 4Unrecognized VendorID or CVSE-Type in CVSE sent by MN to FA 0Unrecognized VendorID or CVSE-Type in CVSE sent by HA to FA 0Route Optimization Binding Updates received 0, acks sent 0 neg acks sent 0show ip mobile violation
To display information about security violations, use the show ip mobile violation EXEC command.
show ip mobile violation [address | nai string]
Syntax Description
address
(Optional) Displays violations from a specific IP address.
nai string
(Optional) Network access identifier.
Command Modes
EXEC
Command History
12.0(1)T
This command was introduced.
12.2(2)XC
The nai keyword and associated parameters were added.
Usage Guidelines
The most recent violation is saved for all the mobile nodes. A circular log holds up to 50 unknown requesters, violators without security association. The oldest violations will be purged to make room for new unknown requesters when the log limit is reached.
Security violation messages are logged at the informational level (see the logging global configuration command). When logging is enabled to include this severity level, violation history can be displayed using the show logging command.
Examples
The following is sample output from the show ip mobile violation command:
Router# show ip mobile violationSecurity Violation Log:Mobile Hosts:20.0.0.1:Violations: 1, Last time: 06/18/97 01:16:47SPI: 300, Identification: B751B581.77FD0E40Error Code: MN failed authentication (131), Reason: Bad authenticator (2)Table 9 describes significant fields shown in the display.
show ip mobile visitor
To display the table containing the visitor list of the foreign agent, use the show ip mobile visitor EXEC command.
show ip mobile visitor [[pending] [address | summary] | nai string]
Syntax Description
pending
(Optional) Displays the pending registration table.
address
(Optional) IP address.
summary
(Optional) Displays all values in the table.
nai string
(Optional) Network access identifier.
Command Modes
EXEC
Command History
Usage Guidelines
The foreign agent updates the table containing the visitor list of the foreign agent in response to registration events from mobile nodes.
Examples
The following is sample output from the show ip mobile visitor command:
Router# show ip mobile visitorMobile Visitor List:Total 120.0.0.1:Interface Ethernet1/2, MAC addr 0060.837b.95ecIP src 20.0.0.1, dest 67.0.0.31, UDP src port 434HA addr 66.0.0.5, Identification B7510E60.64436B38Lifetime 08:20:00 (30000) Remaining 08:19:16Tunnel100 src 68.0.0.31, dest 66.0.0.5, reverse-allowedRouting Options - (T)Reverse-tunnelTable 10 describes the significant fields shown in the display.
show ipc sctp statistics
To display ipc sctp statistics, use the show ipc sctp statistics command.
show ipc sctp statistics
Syntax Description
This command has no keywords or arguments.
Defaults
No default keywords or arguments.
Command Modes
Privileged EXEC
Command History
Examples
Sample show output for the show ipc sctp command:
router # show ipc sctp statisticsIPC default Zone:IPC association Id: 1SCTP Protocol Local: port: 6602 ip: 10.2.86.26keepalive 1500retransmit-timeout 300 600bundling 20cumulative-sack 200path-retransmit 4assoc-retransmit 4max-inbound-streams 2init-timeout 1000init-retransmit 8receive-window 24000SCTP Protocol Remote: port: 22 ip: 10.2.87.26router #show redundancy inter-device
To display redundancy inter-device operational state and statistics, use the show redundancy inter-device command.
show redundancy inter-device
Syntax Description
This command has no keywords or arguments.
Defaults
No default keywords or arguments.
Command Modes
Privileged EXEC
Command History
Examples
Sample show output for the show redundancy inter-device command:
Redundancy inter-device state: RF_INTERDEV_STATE_ACTScheme: standbyGroupname: SB Group State: ActivePeer present: RF_INTERDEV_PEER_NOT_PRESENTshow tech-support cdma pdsn
To display PDSN information that is useful to Cisco Customer Engineers for diagnosing problems, use the show tech-support cdma pdsn command in privileged EXEC mode.
show tech support cdma pdsn
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
This command displays the output of several show commands. We recommend that you attach the output of this command whenever you submit a PDSN problem report.
Examples
The following example shows typical output of the show tech-support cdma pdsn command:
pdsn-6500#show tech-support cdma pdsn------------------ show version ------------------Cisco Internetwork Operating System SoftwareIOS (tm) 6500 Software (C6500-C5IS-M), Experimental Version 12.2(20020306:074931) [user-dw91527 104]Copyright (c) 1986-2002 by cisco Systems, Inc.Compiled Wed 06-Mar-02 22:21 by userImage text-base:0x600088E0, data-base:0x6169A000ROM:System Bootstrap, Version 12.0(19990210:195103) [12.0XE 105], DEVELOPMENT SOFTWAREBOOTLDR:6500 Software (C6500-BOOT-M), Version 12.0(3)T, RELEASE SOFTWARE (fc1)mwt10-7206a uptime is 20 minutesSystem returned to ROM by reload at 23:17:59 UTC Wed Mar 6 2002System image file is "tftp://223.255.254.254/user/c6500-c5is-mz.dw91527"cisco 7206VXR (NPE300) processor (revision D) with 229376K/65536K bytes of memory.Processor board ID 21302179R7000 CPU at 262Mhz, Implementation 39, Rev 2.1, 256KB L2, 2048KB L3 Cache6 slot VXR midplane, Version 2.1Last reset from power-onBridging software.X.25 software, Version 3.0.0.8 Ethernet/IEEE 802.3 interface(s)1 FastEthernet/IEEE 802.3 interface(s)1 ATM network interface(s)125K bytes of non-volatile configuration memory.8192K bytes of Flash PCMCIA card at slot 0 (Sector size 128K).4096K bytes of Flash internal SIMM (Sector size 256K).Configuration register is 0x0------------------ show running-config ------------------Building configuration...Current configuration :3015 bytes!version 12.2no parser cacheno service padservice timestamps debug uptimeservice timestamps log uptimeno service password-encryptionservice cdma pdsn!hostname mwt10-7206a!aaa new-model!!aaa authentication login default noneaaa authentication ppp default group radiusaaa authentication ppp VPDN group radiusaaa authorization config-commandsaaa authorization ipmobile default group radiusaaa authorization network default group radiusaaa authorization network VPDN group radiusaaa authorization config-commandsaaa authorization network default group radiusaaa authorization configuration default group radiusaaa accounting update periodic 10aaa accounting network pdsn start-stop group radiusaaa session-id commonenable secret 5 <removed>enable password <removed>!username abc password 0 <removed>ip subnet-zerono ip gratuitous-arpsip cefip cef accounting per-prefix non-recursive prefix-length!!!ip ftp source-interface Ethernet2/0no ip domain-lookup!vpdn enablevpdn authen-before-forwardvirtual-profile aaa!!!!!!!interface Loopback0ip address 6.0.0.1 255.0.0.0!interface CDMA-Ix1ip address 5.0.0.1 255.0.0.0tunnel source 5.0.0.1tunnel key 0tunnel sequence-datagrams!interface FastEthernet1/0ip address 4.0.0.101 255.0.0.0duplex halfspeed autono cdp enable!interface Ethernet2/0ip address 7.0.0.1 255.0.0.0no ip proxy-arpno ip route-cacheno ip mroute-cacheduplex halfno cdp enable!interface Ethernet2/1ip address 150.1.10.4 255.255.0.0duplex halfno cdp enable!interface Ethernet2/2no ip addressno ip mroute-cacheshutdownduplex halfno cdp enable!interface Ethernet2/3no ip addressno ip mroute-cacheshutdownduplex halfno cdp enable!interface Ethernet2/4no ip addressno ip mroute-cacheshutdownduplex halfno cdp enable!interface Ethernet2/5no ip addressno ip mroute-cacheshutdownduplex halfno cdp enable!interface Ethernet2/6no ip addressno ip mroute-cacheshutdownduplex halfno cdp enable!interface Ethernet2/7no ip addressno ip mroute-cacheshutdownduplex halfno cdp enable!interface ATM4/0no ip addressno ip mroute-cacheshutdownno atm ilmi-keepalive!interface Virtual-Template1ip unnumbered Loopback0ip mobile foreign-service challengeip mobile foreign-service reverse-tunnelip mobile registration-lifetime 65535no peer default ip addressppp authentication chap pap optional!router mobile!ip local pool ispabc-pool1 9.0.0.1 9.0.0.255ip classlessip route 10.0.0.0 255.0.0.0 7.0.0.2no ip http serverip pim bidir-enableip mobile foreign-agent care-of Ethernet2/0ip mobile proxy-host nai mwts-mipp-np-user1@ispxyz.com flags 42!!dialer-list 1 protocol ip permitdialer-list 1 protocol ipx permitno cdp run!!radius-server host 150.1.0.1 auth-port 1645 acct-port 1646 key <removed>radius-server retransmit 3radius-server optional-passwordsradius-server key <removed>radius-server vsa send accountingradius-server vsa send authenticationradius-server vsa send accounting 3gpp2radius-server vsa send authentication 3gpp2cdma pdsn virtual-template 1cdma pdsn a10 max-lifetime 65535cdma pdsn a10 ahdlc-engine 5 usable-channels 8000cdma pdsn timeout mobile-ip-registration 300cdma pdsn msid-authenticationcdma pdsn selection interface Ethernet2/0cdma pdsn secure pcf default spi 100 key ascii testcdma pdsn secure pcf 4.0.0.1 spi 100 key ascii testcdma pdsn secure pcf 4.0.0.1 spi 1000 key ascii ciscocdma pdsn secure cluster default spi 100 key ascii ciscocall rsvp-sync!!mgcp profile default!dial-peer cor custom!!!!gatekeepershutdown!!line con 0exec-timeout 0 0line aux 0line vty 0 4password <removed>!!end------------------ show cdma pdsn ------------------PDSN software version 1.2, service is enabledA11 registration-update timeout 1 sec, retransmissions 5Mobile IP registration timeout 300 secA10 maximum lifetime allowed 65535 secGRE sequencing is onMaximum PCFs limit not set, maximum sessions limit not setSNMP failure history table size 100MSID Authentication is enabledNetwork code digits for IMSI 5, MIN 6, IRM 4Profile Password is ciscoIngress address filtering is disabledSending Agent Adv in case of IPCP Address Negotiation is disabledAging of idle users disabledNumber of pcfs connected 1Number of sessions connected 1,Simple IP flows 0, Mobile IP flows 0,Proxy Mobile IP flows 1------------------ show ip interface brief ------------------Interface IP-Address OK? Method Status ProtocolFastEthernet1/0 4.0.0.101 YES NVRAM up upEthernet2/0 7.0.0.1 YES manual up upEthernet2/1 150.1.10.4 YES NVRAM up upEthernet2/2 unassigned YES NVRAM administratively down downEthernet2/3 unassigned YES NVRAM administratively down downEthernet2/4 unassigned YES NVRAM administratively down downEthernet2/5 unassigned YES NVRAM administratively down downEthernet2/6 unassigned YES NVRAM administratively down downEthernet2/7 unassigned YES NVRAM administratively down downATM4/0 unassigned YES NVRAM administratively down downLoopback0 6.0.0.1 YES NVRAM up upCDMA-Ix1 5.0.0.1 YES NVRAM up upVirtual-Template1 6.0.0.1 YES unset down downVirtual-Access1 unassigned YES unset up upMobile0 unassigned YES unset up upTunnel0 unassigned YES unset up upTunnel1 7.0.0.1 YES unset up upVirtual-Access2 unassigned YES unset down downVirtual-Access3 unassigned YES unset up upVirtual-Access3.1 6.0.0.1 YES unset up up------------------ show ip route ------------------Codes:C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGPD - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter areaN1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGPi - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area* - candidate default, U - per-user static route, o - ODRP - periodic downloaded static routeGateway of last resort is not setC 4.0.0.0/8 is directly connected, FastEthernet1/0C 5.0.0.0/8 is directly connected, CDMA-Ix1C 6.0.0.0/8 is directly connected, Loopback0C 7.0.0.0/8 is directly connected, Ethernet2/0S 10.0.0.0/8 [1/0] via 7.0.0.2C 150.1.0.0/16 is directly connected, Ethernet2/130.0.0.0/32 is subnetted, 1 subnetsC 30.0.0.1 is directly connected, Virtual-Access3.1------------------ show cdma pdsn session brief ------------------MSID PCF IP Address PSI Age St Flows Interface11122000050031 4.0.0.1 1 00:19:57 ACT 1 Virtual-Access3.1------------------ show cdma pdsn session ------------------Mobile Station ID IMSI 11122000050031PCF IP Address 4.0.0.1, PCF Session ID 1A10 connection time 00:19:57, registration lifetime 1800 secNumber of A11 re-registrations 1, time since last registration 1193 secCurrent Access network ID 0004-0000-01Last airlink record received is Active Start, airlink is activeGRE sequence number transmit 12, receive 12Using interface Virtual-Access3.1, status ACTUsing AHDLC engine on slot 5, channel ID 0This session has 1 flowFlow service Proxy-Mobile, NAI mwts-mipp-np-user1@ispxyz.comMobile Node IP address 30.0.0.1Home Agent IP address 7.0.0.2Packets in 0, bytes in 0Packets out 0, bytes out 0------------------ show cdma pdsn pcf brief ------------------PCF IP Address Sessions Pkts In Pkts Out Bytes In Bytes Out4.0.0.1 1 0 12 0 396------------------ show cdma pdsn pcf ------------------PCF 4.0.0.1 has 1 sessionReceived 0 pkts (0 bytes), sent 12 pkts (396 bytes)PCF Session ID 1, Mobile Station ID IMSI 11122000050031A10 connection age 00:19:58A10 registration lifetime 1800 sec, time since last registration 1194 sec------------------ show cdma pdsn selection summary ------------------CDMA PDSN selection summary:Hostname PDSN Session-count Max-sessions*mwt10-7206a 5.0.0.1 1 8000mwt10-7206b 12.0.0.1 0 8000Hostname Keepalive Interface Load-factor*mwt10-7206a 30 7.0.0.1 0.00mwt10-7206b 30 7.0.0.2 0.00------------------ show ip mobile traffic ------------------IP Mobility traffic:Advertisements:Solicitations received 0Advertisements sent 0, response to solicitation 0Home Agent Registrations:Register 0, Deregister 0 requestsRegister 0, Deregister 0 repliedAccepted 0, No simultaneous bindings 0Denied 0, Ignored 0 , Dropped 0Unspecified 0, Unknown HA 0Administrative prohibited 0, No resource 0Authentication failed MN 0, FA 0, active HA 0Bad identification 0, Bad request form 0Unavailable encap 0, reverse tunnel 0Reverse tunnel mandatory 0Binding Updates received 0, sent 0 total 0 fail 0Binding Update acks received 0 sent 0Binding info requests received 0, sent 0 total 0 fail 0Binding info reply received 0 drop 0, sent 0 total 0 fail 0Binding info reply acks received 0 drop 0, sent 0Gratuitous 0, Proxy 0 ARPs sentRoute Optimization Binding Updates sent 0, acks received 0 neg acks received 0Unrecognized VendorID or CVSE-Type in CVSE sent by MN to HA 0Unrecognized VendorID or CVSE-Type in CVSE sent by FA to HA 0Foreign Agent Registrations:Request in 0,Forwarded 0, Denied 0, Ignored 0Unspecified 0, HA unreachable 0Administrative prohibited 0, No resource 0Bad lifetime 0, Bad request form 0Unavailable encapsulation 0, Compression 0Unavailable reverse tunnel 0Reverse tunnel mandatory 0Replies in 1Forwarded 0, Bad 0, Ignored 1Authentication failed MN 0, HA 0Received challenge/gen. authentication extension, feature not enabled 0Route Optimization Binding Updates received 0, acks sent 0 neg acks sent 0Unknown challenge 0, Missing challenge 0, Stale challenge 0Unrecognized VendorID or CVSE-Type in CVSE sent by MN to FA 0Unrecognized VendorID or CVSE-Type in CVSE sent by HA to FA 0------------------ show ip mobile globals ------------------IP Mobility global information:Home Agent is not enabledForeign AgentPending registrations expire after 15 secsCare-of addresses advertisedEthernet2/0 (7.0.0.1) - up0 interfaces providing serviceEncapsulations supported:IPIP and GRETunnel fast switching enabledTunnel path MTU discovery aged out after 10 min------------------ show ip mobile interface ------------------IP Mobility interface information:------------------ show vpdn tunnel ------------------------------------ show cdma pdsn resource ------------------Resource allocated/available in the resource managerslot 0:AHDLC Engine Type:CDMA HDLC SW ENGINEEngine is ENABLEDtotal channels:16000, available channels:16000snmp-server enable traps cdma
To enable network management traps for CDMA, use the snmp-server enable traps cdma command in global configuration mode. To disable network management traps for CDMA, use the no form of this command.
snmp-server enable traps cdma
no snmp-server enable traps cdma
Syntax Description
This command has no arguments or keywords.
Defaults
Network management traps disabled.
Command Modes
Global Configuration
Command History
Examples
The following example enables network management traps for CDMA:
snmp-server enable traps cdmasnmp-server enable traps ipmobile
To configure Simple Network Management Protocol (SNMP) security notifications for Mobile IP, use the snmp-server enable traps ipmobile command in global configuration mode. To disable SNMP notifications for Mobile IP, use the no form of this command.
snmp-server enable traps ipmobile
no snmp-server enable traps ipmobile
Syntax Description
This command has no arguments or keywords.
Defaults
SNMP notifications are disabled by default.
Command Modes
Global Configuration
Command History
Usage Guidelines
SNMP Mobile IP notifications can be sent as traps or inform requests. This command enables both traps and inform requests.
For a complete description of this notification and additional MIB functions, see the RFC2006-MIB.my file, available on Cisco.com at
http://www.cisco.com/public/mibs/v2/.
The snmp-server enable traps ipmobile command is used in conjunction with the snmp-server host command. Use the snmp-server host global configuration command to specify which host or hosts receive SNMP notifications. To send SNMP notifications, you must configure at least one snmp-server host command.
Examples
The following example enables the router to send Mobile IP informs to the host at the address myhost.cisco.com using the community string defined as public:
snmp-server enable traps ipmobilesnmp-server host myhost.cisco.com informs version 2c publicsubscriber redundancy rate
To configure the Cluster Control Manager to sync the number_sessions calls to the standby at a configurable interval, use the subscriber redundancy rate command in global configuration mode. The periodic rate will be applicable for both dynamic and bulk sync. To disable this feature, use the no form of the command.
subscriber redundancy rate [number_sessions] [number_period]
no subscriber redundancy rate
Syntax Description
number_sessions
Specifies the number of calls synched to the standbv.
number_period
Specifies the number in seconds between synch attempts.
Defaults
There are no default values.
Command Modes
Global configuration
Command History
Usage Guidelines
Note
subscriber redundancy rate 500 1Examples
The following example illustrates the subscriber redundancy rate command:
router(config)# subscriber redundancy rate 500 1CCVP, the Cisco logo, and Welcome to the Human Network are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn is a service mark of Cisco Systems, Inc.; and Access Registrar, Aironet, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, iQuick Study, LightStream, Linksys, MeetingPlace, MGX, Networkers, Networking Academy, Network Registrar, PIX, ProConnect, ScriptShare, SMARTnet, StackWise, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0711R)
Copyright © 2007, Cisco Systems, Inc. All rights reserved.
