Using Security Associations for RTP and RTCP

With RTP and SRTP supported in the same realm, you want to configure your SRTP security policies to preserve system resources. You need to do to avoid session agent interaction that can have an adverse impact on the number of sessions.

To do so, check the local-ip-match-address for the STRP security policy has an IP address different from the all steering pool IP addresses for realms requiring both RTP and SRTP. The E-SBC recognizes this difference automatically and sets the connection address of media lines in SDP accordingly:

  • The connection address for RTP media lines is the IP address of the applicable steering pool. The E-SBC passes through RTP and RTCP packets sent by and received from the steering pool IP address. This operation requires no reference to session agents because the steering pool address does not match the IP address for the SRTP security policy’s local-ip-address-match value.
  • The connection address of the SRTP media lines continues to be the local-ip-address-match value from the applicable SRTP security policy.

Since RTP and RTCP packets are sent to and from the steering pool’s IP address (an IP address for which there is no SRTP security policy configured), there is no reason to reference session agents.

Note:

Oracle ’s Enhanced Traffic Controller (ETC) networking interface unit handles traffic differently such the issue with session agent reference is elided. That is, if you are using the ETC NIU (available with OS Release S-CX6.3.0 and later), you do not need to be concerned about this issue.
Previous
Previous 		Next
Next
Go To Table Of Contents
Contents