The Session Initiation Protocol (SIP), described by RFC 3261, is the Internet protocol that establishes, modifies, and terminates conferencing and telephony sessions over an IP-based network using text-based messages. SIP is a major protocol in real-time collaboration networks.
You enable and configure SIP on Ethernet and VLAN interfaces. To configure load-balancing of SIP processing, see Configuring Head-End and Backing Interfaces.
Network Address Translation (NAT) takes the internal IP addresses from the private network and maps them to global public IP addresses for recipients on the public Internet. When an internal IP address:port (source address) is mapped to an external IP address:port (destination address), recipients can route traffic back to the originating IP address and port. NAT protects the private IP addresses from being exposed to clients on the public Internet.
The ME uses NAT to ensure that SIP phone calls from internal clients on the private network can traverse enterprise firewalls en route to external clients on the public Internet. NAT operates on the two components that comprise a SIP phone call: the SIP signaling stream that sets up the phone call, and the media stream that carries RTP packets between the SIP clients. This includes:
Re-writing IP address and TCP/UDP port information embedded in SIP/SDP messages as necessary to ensure address continuity
Opening and closing internal media ports (”pinholes”) and controlling NAT bindings dynamically, in perfect synchronization with SIP signaling state to enable secure transit of SIP-associated media streams.
Configures the Session Initiation Protocol (SIP) on an Ethernet or VLAN interface.
config cluster box number interface ethX ip name sip config cluster vrrp vinterface vxID ip name sip config cluster box number interface ethX vlan number ip name sip config box interface ethX ip name sip config box interface ethX vlan number ip name sip
admin: Enables or disables SIP on this IP interface.
Default: disabled
Values: enabled | disabled
Example: set admin enabled
nat-translation: Enables or disables NAT translation on this interface. See Network Address Translation for more information.
Default: disabled
Values: enabled | disabled
Example: set nat-translation enabled
nat-add-received-from: Sets whether the system modifies the FROM header on a NAT-translated session. If enabled (and far-side NAT translation is enabled), when the system transmits an INVITE, it adds a ”received-from” parameter to the From: header. The property includes the public IP address on which the original REGISTER was received.
Default: disabled
Values: enabled | disabled
Example: set nat-add-received-from enabled
nat-add-X-Remote-Info: When enabled, if nat-translation is also enabled and a SIP message is received from an endpoint behind a NAT, the ME adds an X-Remote-Info header with the public IP and port of the NAT device.
Default: enabled
Values: enabled | disabled
Example: set nat-add-X-Remote-Info disabled
udp-port <portNumber>[fromServerReference][toServerReference]: Sets the User Datagram Protocol (UDP) port number to use when listening for SIP messages. The known UDP port number for SIP is 5060.
Optionally, you can enter a reference to a source and destination server to enable tunneling for Nortel clients. Setting the server ”tells” the system that all traffic on this port is between those server types, enabling the system to filter based on that information. Use quotation marks to enter the reference. See Configuring Messaging Client Tunnels for more information.
Default: 5060
Example: set udp-port 5060 ”vsp\enterprise\servers\sip-host nortel-client” ”vsp\enterprise\servers\mcs mcs-server”
tcp-port<portNumber>[fromServerReference][toServerReference]: Sets the Transmission Control Protocol (TCP) port number to use when listening for SIP messages. The known TCP port number for SIP is 5060.
Optionally, you can enter a reference to a source and destination server to enable tunneling for Windows Messenger clients. Setting the server ”tells” the system that all traffic on this port is between those server types, enabling the system to filter based on that information. Use quotation marks to enter the reference. See Configuring Messaging Client Tunnels for more information.
Default: 5060
Example: set tcp-port 5060 ”vsp\enterprise\servers\sip-host WMsgr” ”vsp\enterprise\servers\lcs lcs-server”
tls-port<portNumber>[fromServerReference][toServerReference]: Sets the TLS port number to use when listening for SIP messages. The known TLS port number for SIP is 5061.
Optionally, you can enter a reference to a source and destination server to enable tunneling for Windows Messenger or Nortel clients. Setting the server ”tells” the system that all traffic on this port is between those server types, enabling the system to filter based on that information. Use quotation marks to enter the reference. See Configuring Messaging Client Tunnels for more information.
Default: 5061
Values: enabled | disabled
Example: set tls-port 5061 ”vsp\enterprise\servers sip-host WMSgr” ”vsp\enteprise\servers\lcs lcs-secure”
certificate: Assigns the certificate that must be presented to participate in SIP exchanges. Enter a reference to a previously configured certificate.
Default: There is no default setting
Example: set certificate vsp tls certificate nnos-e.companyA.com
load-balancing: Configures load balancing backing interfaces and distribution method.
Configures load balancing backing interfaces and distribution method. Note that typically load-balancing is configured on VRRP interfaces to create the redundancy. You must configure the load-balancing master service for load balancing to be enabled.
To load balance across tunnels, see Configuring Load Balancing Across OC Client-to-LCS Server Tunnels for complete configuration instructions.
config cluster box number interface ethX ip name sip load-balancing config cluster vrrp vinterface vxID ip name sip load-balancing
hash-function: Sets the hash method to use to ensure that all traffic on a connection gets forwarded to the same backing interface. The values used in the hash function are derived from the IP header on the Ethernet/IP frame.
Default: source-address-and-port
Values: source-address-and-port: The source IP address and port value.
source-address-low-octet: The bottom seven bits of the source port value.
source-address: The source IP address value.
source-address-port-and-protocol: the source IP address, port, and protocol values.
source-port: The bottom seven bits of the source port value.
Example: set hash-function source-address
head-end-interface: Specifies a head-end interface to serve as the central distribution point of SIP traffic. The parent object of this setting becomes, by definition of the configuration, a backing interface. A backing interface can support only one head-end interface.
See Configuring Head-End and Backing Interfaces for rules on configuring the head-end interface correctly.
Default: There is no default setting
Example: set head-end-interface ”cluster vrrp vinterface vx1 ip headend1”