Troubleshoot Unexpected Redirection Triggered on ePDG

Available Languages

Download Options

  • PDF     (9.0 KB)
    View with Adobe Reader on a variety of devices
  • ePub     (82.9 KB)
    View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
  • Mobi (Kindle)     (68.5 KB)
    View on Kindle device or Kindle app on multiple devices
Updated:July 28, 2022
Document ID:217996

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

    Introduction

    This document describes the Evolved Packet Data Gateway (ePDG) re-selection procedure.

    Background Information

    Current ePDG Selection Procedure

    • 3GPP Release11 ePDG selection procedure
    • User Equipment (UE) constructs ePDG Fully Qualified Domain Name (FQDN) based on Home Public land mobile network (HPLMN) or Visiting Public land mobile network (VPLMN)
    • UE sends A/AAAA request to DNS for ePDG FQDN
    • DNS responds with ePDG IP Address
    • UE sends Internet Key Exchange version 2 (IKEv2) Request to ePDG IP Address
    • DNS servers can do round robin load balance across multiple ePDG IP addresses
    • UE can try different ePDG when the selected ePDG is unreachable
    • Some DNS servers can detect the liveliness of the ePDGs

    ePDG Re-selection Based on IKEv2 - Redirection

    How does it work?

    • IKE redirection based ePDG re-selection (RFC 5685)

    • When you attach or handover, UE chooses ePDG1 with available DNS procedures and sends IKE_INIT to ePDG1 with REDIRECT_SUPPORTED indication

    • ePDG1 uses PGW Identity received from AAA, to select ePDG2 collocated to Packet Data Network Gateway (PGW)

    • ePDG1 redirects UE to ePDG2, UE connects to ePDG2

    • UE can cache the PDG2 IP Address and use it for subsequent requests

    ePDG Re-selection Solution

    • DNS server sends the address of all ePDGs of all zones to UE (ensures a different order to each UE to achieve load balance)

    • UE chooses the first ePDG in the list and initiates the IKEv2 tunnel with it. If it fails, it chooses another ePDG from the list or repeats the DNS procedure

    • ePDG redirects the IKEv2 sessions to another ePDG from a different zone to achieve ePDG and PGW co-location

    • ePDG sends an IP address in REDIRECT payload to UE

    • UE can send IKE_INIT to new ePDG and call setup completes

    Steps to Troubleshoot

    1. UE sends IKE_SA_INIT with the redirect_support flag set in the request to ePDG, and you can check this flag in the monitor subscriber logs.

    + IKE Header Processed-Dump, HBO (Length: 28 (0x1C) bytes)
    Initiator SPI (U64): 0xCDC14DDC62E0D586
    Responder SPI (U64): 0x0000000000000000
    Next Payload (U08): SA/33 (0x21)
    Major Version (U04): 2
    Minor Version (U04): 0
    XCHG Type (U08): IKE_SA_INIT/34 (0x22)
    Reserved (U03): 0
    Initiator Flag (U01): Initiator/1 (0x01)
    Version Flag (U01): 0
    Response Flag (U01): 0
    Reserved (U02): 0
    MSGID (U32): 0
    Length (U32): 334 (0x14E) bytes

    + NOTIFY Payload Processed-Dump, HBO (Length: 8 (0x8) bytes)
    Next Payload (U08): NO_NEXT_PAYLOAD/0 (0x00)
    Critical (U01): 0
    Reserved (U07): 0
    Payload Length (U16): 8 (0x8) bytes
    Protocol ID (U08): 0/0 (0x00)
    SPI Size (U08): 0 (0x0) bytes
    Notify Message Type (U16): REDIRECT_SUPPORTED/16406 (0x4016)
    - NOTIFY Payload Raw-Dump, NBO (Length: 8 (0x8) bytes)


    2. ePDG redirection error logs are present in the syslogs to indicate that the request is redirected to another ePDG.

    "2022-Jun-15+23:37:26.862 [sessmgr 11531 error] [3/2/21272 <sessmgr:1> sessmgr_epdg.c:5199] [callid 00020413] [context: ipsec, contextID: 12] [software external user syslog] Call redirected to another EPDG: X.X.X.X


    3. Identify the PGW selection in ePDG. The ePDG selection can be either static or dynamic. U    nder the ePDG-service, this is enabled with 'dns-pgw context gw' but in the apn-profile, a static PGW IP is assigned from the local configuration.

    epdg-service epdg
       dns-pgw context gw
    apn-profile apn_ims_epdg
          pgw-address X.X.X.X
          pgw-address X.X.X.X


    4    . It is required to collect the sessmgr core file for the re-direction event error log which is generated in Step 2.

    login to hidden mode
    config
    logging enable-debug facility sessmgr instance 1 eventid 11531 line-number 5199 collect-cores 1
    logging enable-debug facility sessmgr instance 1 eventid 11531 line-number 5199 collect-cores 1


    5. Based on the core analysis, it is identified that the redirect flag is enabled in the node.

    6. This CLI was configured in the node which causes to set the redirect flag in the sessmgr core file analysis.

    login to hidden mode
    [pdif]ePDG#  epdg redirect address <ip-address>

    7. This CLI is configured in the node hence calls are redirected to another ePDG if UE comes with REDIRECT_SUPPORT. Hence, it is required to disable this configuration.

    login to hidden mode
    [pdif]ePDG# no epdg redirect

    Note: This CLI is not captured in Show Support Details as it cannot be executed in configuration mode.

    Solution Proposed

    It is required to disable this command in CLI mode.

         

    login to hidden mode
    [pdif]ePDG# no epdg redirect

    Revision History

    Revision Publish Date Comments
    1.0
    28-Jul-2022
    Initial Release
    TAC Authored

    Contributed by Cisco Engineers

    • Devarla Raghunath
      Cisco TAC Engineer

    Was this Document Helpful?

    FeedbackFeedback

    Contact Cisco

    This Document Applies to These Products