Go to primary content
Oracle® Enterprise Session Border Controller ACLI Configuration Guide
Release E-CZ7.4.0
Next
Contents
Title and Copyright Information
About This Guide
1
Oracle® Enterprise Session Border Controller
Basics
Oracle Enterprise Session Border Controller Description
What Is a Realm
Nested Realms
What Is a Session Agent
SIP session agents
H.323 session agents
Why You Need Session Agents
How to Use Session Agents
What is a Session Agent Group
2
Software Editions
Overview
Common Functionality
Denial of Service (DoS) Protection
Denial of Service (DoS) Calculations
Ingress Queues
Denial of Service (DoS) Configuration Defaults
Packet Trace PCAP
Packet Capture Initiation
ACLI Command Support
Commands Related to Hardware
3
Getting Started
Enterprise Software Licensing
Entitlement Provisioning
Obtain a License
Trial License
Legacy - License Expiration
Legacy - Viewing Licenses
Unlicensed
Oracle® Enterprise Session Border Controller
Legacy - Standalone System Licensing
Add a License Key
Deleting a License from a Standalone System
High Availability (HA) Pair Licensing
Provisioning Entitlements on an HA Pair
De-Provisioning Entitlements on an HA Pair
System Provisioning
Product Type Provisioning
Setup Entitlements
License Keys and Provisioned Entitlements Compatibility
Download the Software
Installation and Start-Up
Hardware Installation Process
Connecting to Your
Oracle® Enterprise Session Border Controller
Create a Console Connection
Incoming Telnet Connections and Time-outs
SSH Remote Connections
System Boot
Oracle® Enterprise Session Border Controller
Boot Parameters
Boot Parameters
Sample
Oracle® Enterprise Session Border Controller
Boot Parameters
Notes on Boot Parameters
Boot Parameter Changes
Change Boot Parameters from the ACLI
Change Boot Parameters by Interrupting a Boot in Progress
Boot Parameter Definitions
Configurable Boot Loader Flags
Installation Wizard
About the Installation Wizard
Running Setup
Enable Basic Mode and or Expert Mode
Setting Up High Availability (HA) Mode
Setting Up System Basics
New System Prompt
NTP Synchronization
Setting NTP Synchronization
Authenticated NTP
Monitoring NTP from the ACLI
View Statistics
View Status
Using the
Oracle® Enterprise Session Border Controller
Image
Obtaining a New Image
Copy an Image to the
Oracle® Enterprise Session Border Controller
using SFTP
System Image Filename
Booting an Image on Your
Oracle® Enterprise Session Border Controller
Booting from Flash Memory
Booting from an External Device
Customizing Your ACLI Settings
Disabling the Second Login Prompt
Disabling the Second Login Prompt Configuration
Persistent ACLI more Parameter
Persistent ACLI more Parameter Configuration
Customized Login Banner
ACLI Expected Behavior
Password Policy
Configuring Password Policy Properties
Administrative Security ACP License
Enable the Administrative Security ACP License Password Rules
4
Software Upgrades
Introduction
Notes on Boot Parameters
Password Secure Mode
Upgrading Software Images
Upgrade Checklist
Acme Packet 4500 Upgrade Requirements
Considerations when Booting the Acme Packet 1100 and 3900
Stand-alone Upgrade
Boot Loader Requirements
Check /boot for free space
Image and Bootloader File Conventions
Update the Stage 3 Boot Loader and System Image
Software Upgrade Procedure
HA Upgrade
Upgrade Process
HA Backout Procedure
Moving a Configuration
Backup Commands
Backing up the current configuration
Listing Backups
Copy the Backup to the destination
Oracle® Enterprise Session Border Controller
Restoring Backups
5
System Configuration
General System Information
System Identification
Connection Timeouts
Configuring General System Information
ACLI Instructions and Examples
System Identification
Hostname Field Lengths
Configuring Connection and Debug Logging Timeouts
ACLI Command-Line Tools
Tab Completion
Consistent and Detailed Error Messages
Question Mark Help
Password Entry
Find Commands
Quit Command in Configuration Mode
Searching the ACLI Menu
Searching Globally
Displaying Copying and Pasting Configurations
Abbreviated Configuration Summary
Configuration Pasting
Timezones
About UTC Timezones
Using the Timezone-Set Wizard
Configuring Timezone using POSIX Format
Tailored Configuration Views for SIPTX
Showing Running for Templated Configuration
Tailoring Show Running for Templates
Quit Command in Configuration Mode
Update the Configuration Schema
Acme Packet 3900 Platform
The Acme Packet 3900 Platform Physical Interfaces
SNMP Hardware Reporting
Acme Packet 3900 MIBS Paths
NIU Port Numbering Reference for the Acme Packet 3900 Platform
Configure the Acme Packet 3900 Physical Interface
Physical Interfaces: Acme Packet 4500
Network Media Interfaces
Network Management Interfaces
Before You Configure
Phy-Interface Configuration
Identity and State
Operation Type and Location
Auto-negotiation for Management Interfaces
HA Configuration
Acme Packet 4600
Acme Packet 4600 Physical Interfaces
Acme Packet 4600 NIU Port Numbering Reference
Acme Packet 4600 Physical Interface Configuration
Acme Packet 6300 Physical Interfaces
Virtual Machine (VM) Edition
Build Images for Virtual Machines
Minimum Virtual Machine Resources
Licenses
Create and Deploy VMware Net-Net OS VM Edition
Virtual Machine (VM) Configuration
Set the Boot Parameters
Format the Virtual Machine (VM) Hard Drive
Optional Virtual Machine (VM) Configuration
Designate a virtual Machine (VM) as a Template
Interface Utilization: Graceful Call Control, Monitoring, and Fault Management
Calculation Overview
Alarms
Alarm Configuration
Configuring Utilization Thresholds for Media Interfaces
Configuring Graceful Call Control
Network Interfaces
IP Configuration
VLANs
Overlapping Networks
Administrative Applications Over Media Interfaces
Configurable MTU Size
Network Interface Configuration
Special Considerations
Network Interfaces Configuration
IP Configuration and Identification
VLAN Configuration
HIP Address Configuration
Configurable MTU Size
System Wide MTU Size
Session Border Controller (SBC) Deployment Behind a Network Address Translation (NAT) Device
Enable an SPL Plug-in
Configure the Session Border Controller (SBC) Behind a Network Address Translation (NAT) Device Option
Traceroute Command
SNMP
Overview
Basic SNMP Parameters
SNMP Community
SNMP Trap Receiver Uses
SNMPv3 Support
Configuring SNMP
SNMP Configuration Overview
SNMP Configuration
System Wide Configuration for SNMP
SNMP Community Configuration
Configure Subnet Ranges in SNMP Community
Trap Receiver Configuration
Media Supervision Traps
Syslog and Process Logs
Overview
Process Log Messages
Syslog and Process Logs Configuration
Syslog Configuration
Configure the Process Log Server
Host Routes
Host Routes Example
Host Route Configuration
Setting Holidays in Local Policy
Holidays Configuration
Opening TCP Ports 3000 and 3001
Port 111 Configuration
Enable System to Connect to SDM
DNS Transaction Timeout
Retransmission Logic
DNS Transaction Timeout Configuration
Persistent Protocol Tracing
About Persistent Protocol Tracing
About the Logs
Process Logs
Communication Logs
Protocol Trace Logs
Persistent Protocol Tracing Configuration
System Access Control
Adding an ACL for the Management Interface
Notes on Deleting System ACLs
System TCP Keepalive Settings
System TCP Keepalive Configuration
Configurable TCP Timers
Configuring TCP Connection Establishment
Configuring TCP Data Retransmission
Timer for Idle Connections
Historical Data Recording (HDR)
Packet Trace
Packet Trace Remote
Packet Trace Local
Packet Trace Scenarios
Packet Trace for One Endpoint
Packet Trace for Both Call Legs
Packet Trace for a Signaling Address
Running Packet Trace
Configuring a Trace Server
Starting a Remote Packet Trace
Stopping a Remote Packet Trace
Starting a Local Packet Trace
Stopping a Local Packet Trace
RAMdrive Log Cleaner
Applicable Settings
Clean-Up Procedure
Clean-Up Frequency
RAMdrive Log Cleaner Configuration
Configurable Alarm Thresholds and Traps
SNMP Traps
Alarm Thresholds Configuration
Alarm Synchronization
Caveats
Alarm Synchronization Configuration
Accounting Configuration
Stream Control Transfer Protocol Overview
SCTP Packets
SCTP Terminology
SCTP Message Flow
Congestion Control
Multi-Streaming
Delivery Modes
Multi-Homing
Multi-Homing and Path Diversity
Monitoring Failure Detection and Recovery
Configuring SCTP Support for SIP
Configuring an SCTP SIP Port
Configuring the Realm
Configuring Session Agents
Setting SCTP Timers and Counters
Setting the RTO
Setting the Heartbeat Interval
Setting the SACK Delay Timer
Limiting DATA Bursts
Setting Endpoint Failure Detection
Setting Path Failure Detection
Specifying the Delivery Mode
Example Configurations
Phy Interface Configuration
Network Interface Configuration
SIP Port Configuration
Realm Configuration
Session Agent Configuration
The Acme Packet 4500 and IPv6
Licensing
Updated ACLI Help Text
IPv6 Address Configuration
Access Control
Host Route
Local Policy
Network Interface
Realm Configuration
Session Agent
SIP Configuration
SIP Interface SIP Ports
Steering Pool
System Configuration
IPv6 Default Gateway
Network Interfaces and IPv6
IPv6 Reassembly and Fragmentation Support
Access Control List Support
Data Entry
DNS Support
Homogeneous Realms
Parent-Child Network Interface Mismatch
Address Prefix-Network Interface Mismatch
RADIUS Support for IPv6
Supporting RADIUS VSAs
6
Realms and Nested Realms
Overview
About Realms and Network Interfaces
About the SIP Home Realm
About Realms and Other
Oracle® Enterprise Session Border Controller
Functions
Realms
Before You Configure
Realm Configuration
Identity and IP Address Prefix
Realm Interfaces
Realm Service Profile
QoS Measurement
QoS Marking
Address Translation Profiles
DNS Servers
DoS ACL Configuration
Enabling RTP-RTCP UDP Checksum Generation
Aggregate Session Constraints Per Realm
UDP Checksum Generation Configuration
Admission Control Configuration
Reserved Parameters
Nested Realms
Configuring Nested Realms
Parent and Child Realm Configuration
Required Signaling Service Parameters
Aggregate Session Constraints Nested Realms
Impact to Other Session Constraints and Emergency Calls
Session Contraints Configuration
Realm-Based Packet Marking
About TOS DiffServ
ToS Byte
DiffServ Byte
Packet Marking for Media
Configuring Packet Marking by Media Type
Packet Marking Configuration
Applying a Media Policy to a Realm
Signaling Packet Marking Configuration
Configuring a Media Policy for Signaling Packet Marking
Applying a Media Policy to a Realm
Using Class Profile for Packet Marking
Class Profile and Class Policy Configuration
Applying a Class Policy to a Realm
SIP-SDP DCSP Marking ToS Bit Manipulation
ToS Bit Manipulation Configuration
Steering Pools
Configuration Overview
Steering Pool Configuration
SDP Alternate Connectivity
SDP Alternate Connectivity Configuration
Multiple Interface Realms
Steering Pool Port Allocation
Network Interface Configuration
Creating Steering Pools for Multiple Interface Realms
Media over TCP
TCP Bearer Conditions
TCP Port Selection
SDP Offer Example
Timers
TCP Port Configuration
Transparent BFCP Support over UDP and TCP
Restricted Media Latching
About Latching
Restricted Latching
Symmetric Latching
Relationship to Symmetric Latching
Example 1
Example 2
Restricted Latching Configuration
Media Release Across SIP Network Interfaces
Media Release Configuration
Media Release Behind the Same IP Address
Additional Media Management Options
Configuring Media Release Behind the Same IP Address
Bandwidth CAC for Media Release
Bandwidth CAC Configuration
Media Release between Endpoints with the Same IP Address
Media Release Configuration
Media Release Behind the Same NAT IP Address
Media Release Configuration
Codec Reordering
Preferred Codec Precedence
Codec Reordering Configuration
Setting a Preferred Codec for a Realm
Setting a Preferred Codec for a Session Agent
Media Profiles Per Realm
Call Admission Control and Policing
Media Profile Configuration
About Wildcarding
Multiple Media Profiles
Use Case 1
Use Case 2
Multiple Media Profiles Configuration
SIP Disable Media Inactivity Timer for Calls Placed on Hold
Media Inactivity Timer Configuration
7
SIP Signaling Services
About the
Oracle® Enterprise Session Border Controller
and SIP
Types of SIP Devices
Basic Service Models
About B2BUA
SIP B2BUA Peering
B2BUA Hosted IP Services
SIP B2BUA and L3 L5 NAT
About SIP Interfaces
SIP INVITE Message Processing
Example
Configuring the
Oracle® Enterprise Session Border Controller
for SIP Signaling
Home Realm
Overview
SIP NAT Function
Home Realm’s Purpose
Home Realm Configuration
SIP Interfaces
Overview
About SIP Ports
Preferred SIP Port
Proxy Mode
Redirect Action
SIP maddr Resolution
SIP maddr Resolution Configuration
Trust Mode
About the Process
Configurable Timers and Counters
Timer to Tear Down Long Duration Calls
Timer to Tear Down Long Duration Calls Configuration
SIP Interface Configuration
Configuring SIP Ports
Recurse 305 Only Redirect Action
Redirect Action Process
Redirect-Action Set to Proxy
Redirect-Action Set to Recurse
Redirect-Action Set to Recurse-305-Only
Redirect Configuration for SIP Interface
Embedded Routes in Redirect Responses
SIP PRACK Interworking
UAC-Side PRACK Interworking
UAS-Side PRACK Interworking
PRACK Interworking Configuration
Global SIP Timers
Overview
Timers Configuration
SIP Timers Discreet Configuration
Session Timer Support
Call Flow Example
SIP Per-User CAC
Per User CAC Modes
Per User CAC Sessions
Per User CAC Bandwidth
Notes on HA Nodes
SIP per User CAC Configuration
SIP Per-Realm CAC
SIP per Realm CAC Configuration
Enabling Realm-Based CAC
Viewing Realm-Based CAC Data
SIP Options Tag Handling
Overview
Configuration Overview
SIP Option Tag Handling Configuration
Replaces Header Support
New SDP Parameters in INVITE with Replaces
Early Dialog Replacement
INVITE with Replaces in Early Dialog Server Side
Replace Header Configuration
Debugging
show sipd status
show sipd errors
SIP Options
Overview
Global SIP Options
SIP Interface Options
SIP Session Agent Options
SIP Realm Options
SIP Realm Options Configuration
Configuring Multiple Options
Adding an Entry
SIP Security
Denial of Service Protection
Levels of DoS Protection
Configuration Overview
SIP Unauthorized Endpoint Call Routing
SIP Unauthorized Endpoint Call Routing Configuration
Digest Authentication with SIP
Challenge-Responses in Requests not in the Dialog
Configuring Digest Authentication
Additional Notes
Digest Authentication and High Availability
SIP NAT Function
Overview
NAT Modes
Adding a maddr Parameter to a URI
About Headers
Replacing Headers
Mapping FQDNs
SIP NAT Function Cookies
userinfo
host
URL Parameter
tel URL
Configuration Overview
SIP NAT Interface
SIP NAT Function Policies
SIP NAT Function Configuration
SIP Realm Bridging
About SIP NAT Bridging
SIP NAT Bridge Configuration Scenarios
Many to One Configuration
One-to-One Configuration
SIP NAT Bridge Configuration
Creating a Virtual Home Network
Many-to-One Configuration
One-to-One Configuration
Shared Session Agent
SIP Hosted NAT Traversal (HNT)
About SIP HNT
Using HNT with Existing NAT Device
Registering Endpoints
Establishing Media Flows
Prerequisites
Keeping the NAT Binding Open
Working with Multiple Domains
HNT Configuration Overview
SIP HNT Single Domain Example
SIP HNT Multiple Domain Example
HNT Configuration
Global SIP Configuration
Keep-Alive with CR LF 2832
Keep-alive Configuration
SIP Registration Local Expiration
SIP Registration Local Expiration Configuration
Simultaneous TCP Connection and Registration Cache Deletion
Registration Cache Deletion Configuration
SBC Incorrectly Appends Cookie in SIP REGISTER Message
process-implicit-tel-URI Configuration
SIP HNT Forced Unregistration
When to Use Forced Unregistration
Caution for Using Forced Unregistration
SIP HNT Forced Unregistration Configuration
Adaptive HNT
Overview
Adaptive HNT Example
Synchronize A-HNT Successful Timer to Standby
Adaptive NHT Configuration
SIP IP Address Hiding and NATing in XML
Sample SIP NOTIFY with NATed XML
SIP Server Redundancy
Overview
Configuration Overview
SIP Server Redundancy Configuration
Administratively Disabling a SIP Registrar
Considerations for Implicit Service Route Use
Manual Trigger Configuration
Manual Trigger Confirmation
Surrogate Agents and the
Oracle® Enterprise Session Border Controller
Surrogate Agent Refresh on Invalidate
Invalidate Registrations
Performance Impact
Media Inactivity Timer Configuration
Surrogate Registration
Registration
Routing Calls from the IP-PBX
Configure Surrogate Registration
Example
SIP Distributed Media Release
Overview
Endpoint Locations
Location of the Encoded Information
Example Distributed Media Release
Overview of SIP DMR Configuration
SIP DMR Configuration
Configuring the Realm
Add-On Conferencing
Overview
Caveats
Add-On Conferencing Scenario
SIP B2BUA Functionality
Contact Header Processing
Target Mapping and Conferences
Refer-To Header Processing
Add-on Conferencing Configuration
SIP REFER Method Call Transfer
Unsuccessful Transfer Scenarios
Call Flows
SIP REFER Method Configuration
REFER-Initiated Call Transfer
Supported Scenarios
Call Flows
REFER Source Routing
REFER Source Routing Configuration
180 & 100 NOTIFY in REFER Call Transfers
Sample Messages
180 and 100 NOTIFY Configuration
SIP REFER Re-Invite for Call Leg SDP Renegotiation
Scenario
Alterations to SIP REFER
Implementation Details
SIP REFER with Replaces
SIP REFER with Replaces Configuration
SIP REFER-to-BYE
SIP hold-refer-reinvite
Enable hold-refer-reinvite - ACLI
SIP Roaming
Overview
Process Overview
Using Private IPv4 Addresses
Example 1 With a NAT Firewall
Example 2 Without a NAT Firewall
SIP Roaming Configuration
Embedded Header Support
Embedded Header Support Configuration
Static SIP Header and Parameter Manipulation
Header Manipulation Rules
Header Element Rules
About SIP Header and Parameter Manipulation
HMR $LOCAL_PORT for Port Mapping
Role in Trunk Group URI Feature
SIP Header and Parameter Manipulation Configuration
Creating SIP Header Manipulation Rulesets
Configuring a Session Agent
Configuring a SIP Interface
Example 1 Stripping All Route Headers
Example 2 Stripping an Existing Parameter and Adding a New One
SIP HMR (Header Manipulation Rules)
Guidelines for Header and Element Rules
Precedence
Duplicate Header Names
Performing HMR on a Specific Header
Multiple SIP HMR Sets
MIME Support
Find and Replace All
Escaped Characters
New Reserved Word
About the MIME Value Type
Back Reference Syntax
Notes on the Regular Expression Library
SIP Message-Body Separator Normalization
SIP Header Pre-Processing HMR
Best Practices
About Regular Expressions
Expression Building Using Parentheses
SIP Manipulation Configuration
Configuring SIP Header Manipulation Rules
Configuring SIP Header Manipulation Element Rules
Status-Line Manipulation and Value Matching
Setting the Header Name
Setting the Element Type
Setting the Match Value
Setting the Response Code Block
Configuring MIME Support
Testing Pattern Rules
Configuring SIP HMR Sets
Configuration Examples
Example 1 Removing Headers
Example 2 Manipulating the Request URI
Example 3 Manipulating a Header
Example 4 Storing and Using URI Parameters
Example 5 Manipulating Display Names
Example 6 Manipulating Element Parameters
Example 7 Accessing Data from Multiple Headers of the Same Type
Example 8 Using Header Rule Special Characters
Example 9 Status-Line Manipulation
Example 10 Use of SIP HMR Sets
Example 11 Use of Remote and Local Port Information
Example 12 Response Status Processing
Example 13 Remove a Line from SDP
Example 14 Back Reference Syntax
Example 15 Change and Remove Lines from SDP
Example 16 Change and Add New Lines to the SDP
Dialog-Matching Header Manipulation
About Dialog-Matching Header Manipulations
Inbound HMR Challenge
Outbound HMR Challenge
Dialog-matching Header Manipulation Configuration
Built-In SIP Manipulations
Built-In SIP Manipulation Configuration
Testing SIP Manipulations
HMR Import-Export
Exporting
Importing
Displaying Imports
Using FTP to Move Files
Removing Files
Unique HMR Regex Patterns and Other Changes
Manipulation Pattern Per Remote Entity
Reject Action
Reject Action Configuration
About Counters
SNMP Support
Log Action
Changes to Storing Pattern Rule Values
Removal of Restrictions
Name Restrictions for Manipulation Rules
New Value Restrictions
Header Manipulation Rules for SDP
Platform Support
SDP Manipulation
sdp-session-rule
sdp-media-rule
sdp-line-rule
Regular Expression Interpolation
Regular Expressions as Boolean Expressions
Moving Manipulation Rules
Rule Nesting and Management
ACLI Configuration Examples
Remove SDP
Remove Video from SDP
Add SDP
Manipulate Contacts
Remove a Codec
Change Codec
Remove Last Codec and Change Port
Remove Codec with Dynamic Payload
Dialog Transparency
Overview
Dialog Transparency Configuration
Route Header Removal
Route Header Removal Configuration
SIP Via Transparency
SIP Via Transparency Configuration
Symmetric Latching
Symmetric Latching Configuration
Enabling RTCP Latching
SIP Number Normalization
Terminology
Calls from IP Endpoints
Calls from IP Peer Network
SIP Number Normalization Configuration
Realm
Session Agent
SIP Port Mapping
About SIP Port Mapping
How SIP Port Mapping Works
SIP Port Mapping Based on IP Address
About NAT Table ACL Entries
Using SIP Port Mapping
Dynamic Configuration
Registration Statistics
SIP Port Mapping Configuration
SIP Port Mapping for TCP and TLS
SIP Port Mapping Configuration for TCP TLS
SIP Configurable Route Recursion
Example 1
Example 2
SIP Route Recursion Configuration
Configuring a Session Agent for SIP Route Recursion
Configuring a SIP Interface for SIP Route Recursion
SIP Event Package Interoperability
SIP Event Package Interoperability Configuration
SIP Proxy Subscriptions
Topology Hiding
Feature Interaction
SIP Proxy Subscription Configuration
SIP REGISTER Forwarding After Call-ID Change
SIP REGISTER Forwarding Configuration
SIP Local Response Code Mapping
SIP Local Response Code Mapping Configuration
Creating a SIP Response Code Map
Assigning SIP Response Code Maps to Session Agents
Assigning SIP Response Code Maps to SIP Interfaces
Session Agent Ping Message Formatting
Session Agent Ping Message Formatting Configuration
SIP PAI Stripping
SIP PAI Stripping Configuration
SIP Statuses to Q.850 Reasons
SIP-SIP Calls
Configure Reason and Cause Mapping for SIP-SIP Calls
Adding the Reason Header
Calls Requiring IWF
Default Mappings
SIP Status
Trunk Group URIs
Terminology
Trunk Group URI Parameters
Originating Trunk Group URI Parameters and Formats
Terminating Trunk Group URI Parameters and Formats
Trunk Group Signaling Parameters
SIP Header and Parameter Manipulation
Trunk Group Routing
Trunk Group URIs and SIP Registration Caching
Trunk Group URI Configuration
Precedence Used for Trunk Group Configurations
Configuring SIP Manipulations
Setting the Trunk Group URI Mode for Routing
Configuring a Session Agent for Trunk Group URIs
Configuring a Session Agent Group for Trunk Group URIs
Setting a Trunk Group Context in a Realm
Using this Feature with a SIP Interface
Example 1 Adding Originating Trunk Group Parameters in IPTEL Format
Example 2 Adding Originating Trunk Group Parameters in Custom Format
Example 3 Removing IPTEL Trunk Group Names
Example 4 Removing Custom Trunk Group Names
Emergency Session Handling
Emergency Session Handling Configuration Procedures
Emergency Session Handling Configuration
Setting Policy Priority
Fraud Prevention
Fraud Prevention Configuration
SIP Early Media Suppression
Example
Early Media Suppression Support
Call Signaling
Suppression Duration
About the Early Media Suppression Rule
Session Agent Rule
Rule Resolution
Selective Early Media Suppression
Configuring the Realm
Configuring Session Agents
Configuring Realm Groups
SDP-Response Early Media Suppression
SIP-Based Addressing
SDP-Based Addressing
Global Realms
Additional Prefixes
Using the SDP-Response Early Media Suppression Rule
Example
Configuring SDP-Response Early Media Suppression
Configuring the SIP Interface
Configuring a Realm
SIP Duplicate SDP Suppression
SIP Duplicate SDP Suppression Configuration
SIP SDP Address Correlation
SIP SDP Address Correlation Configuration Address Checking
SIP SDP Address Correlation Configuration Mismatch Status Code
SIP SDP Address Correlation Configuration Enforcement Profile
SDP Insertion for (Re)INVITEs
SDP Insertion for SIP INVITES
SDP Insertion for SIP ReINVITEs
SDP Insertion Configuration
Configuring SDP Insertion for SIP INVITEs
Configuring SDP Insertion for SIP ReINVITEs
Restricted Media Latching
About Latching
Restricted Latching
Symmetric Latching
Relationship to Symmetric Latching
Example 1
Example 2
Restricted Latching Configuration
Enhanced SIP Port Mapping
Anonymous Requests
Anonymous SIP Requests Configuration
SIP Registration Via Proxy
Considerations for Reg-Via-Key and Port Mapping
Request Routing
SIP Registration Via Proxy Configuration
Dynamic Transport Protocol Change
Dynamic Transport Protocol Change Configuration
SIP Privacy Extensions
Privacy Types Supported
user
header
id
Examples
Calls from Untrusted Source to Trusted Target
Calls from Trusted to Untrusted
Calls from Trusted to Trusted
Configuring SIP Privacy Extensions
Trust Mode
Disabling the PPI to PAI Change
SIP Registration Cache Limiting
About Registration Cache Additions Modifications and Removals
Registration Cache Alarm Threshold
Notes on Surrogate Registration
Monitoring Information
SIP Registration Cache Limiting Configuration
SIP Registration Overload Protection
SIP Registration Overload Protection Configuration
SIP Request Method Throttling
About Counters and Statistics
SIP Request Method Throttling Configuration
Rate Constraints for SIP Interfaces
Applying Session and Rate Constraints to a SIP Interface
Configuring Rate Constraints for Session Agents
SIP Delayed Media Update
Delayed Media Update Disabled
Delayed Media Update Enabled
SIP Delayed Media Update Configuration
Expedited Call Leg Release for Preempted Hairpin Calls
Accounting Considerations
SIPconnect
Modifications to Registration Caching Behavior
Configuring SIP Connect Support
Required Configuration
Suggested Additional Configuration
SIP Connect Configuration
SIP Registration Event Package Support
Updating Expiration Values
Contact Cache Linger Configuration
SIP Event Package for Registrations
Applicable Standards
Call Flow
Notification Bodies
SIP Event Package for Registrations Configuration
SIP Transport Selection
SIP Transport Selection Configuration
SIP Method-Transaction Statistic Enhancements
SIP Method Tracking Enhancements Configuration
SIP TCP Connection Reuse
SIP TCP Connection Reuse Configuration
SIP TCP Keepalive
SIP TCP Keepalive Configuration for Session Agents
SIP TCP Keepalive Configuration for SIP Interfaces
TCP Connection Tools
TCP and SCTP State Connection Counters
show sipd tcp connections
show sipd tcp
Updated Show Commands
show ip
show sipd
SIP Enforcement Profile and Allowed Methods
SIP Enforcement Profile Configuration
Setting Up and Enforcement Profile
Applying an Enforcement Profile
Enforcement Profile Configuration with subscribe-event
Setting Up Subscribe Dialog Limits
Applying an Enforcement Profile to a Realm
P-Certificate-Subject-Common-Name to REGISTER Messages
Configure the P-Certificate-Subject-Common-Name From the ACLI
Configure the P-Certificate-Subject-Common-Name From the Web GUI
Local Policy Session Agent Matching for SIP
Local Policy Session Agent Matching Configuration
SCTP Delivery Mode Configuration
About Wildcarding
Monitoring
STUN Server
About STUN Messaging
STUN Server Functions on the
Oracle® Enterprise Session Border Controller
RFC 3489 Procedures
rfc3489bis Procedures
Monitoring
STUN Server Configuration
SIP ISUP Features
SIP Diversion to SIP-ISUP Interworking
SIP-ISUP Configuration
SIP ISUP Profile Configuration
SIP-ISUP Configuration
SIP-ISUP Format Version Interworking
Details
SIP-ISUP Format Interworking Configuration
SIP-ISUP Format Interworking Configuration
HMR for SIP-ISUP
Changes and Additions to Equality Operators
Reserved Words
List of Reserved Words
Changes to Action
About MIME Rules
MIME Rules Configuration
About MIME ISUP Manipulation
Oracle® Enterprise Session Border Controller
MIME ISUP Parameters
Adding an ISUP Body to a SIP Message
MIME ISUP Manipulation Configuration
Configuration Example
SIP GRUU
Contact Header URI Replacement
Record-Route Addition
GRUU URI Parameter Name
SIP GRUU Configuration
SIP Session Timer Feature
How the Session Timer Feature Works
SIP Session Timer Configuration
DTMF Conversion Processing
SIP-KPML to RFC 2833 Conversion for DTMF Events
SIP KPML to RFC 2833 Negotiation
RFC 2833 to SIP KPML Negotiation
KPML-2833 Interworking on a SIP Interface Configuration
LMSD SIP Call Progress Tone Interworking
LMSD Interworking Configuration
SIP re-INVITE Suppression
SIP re-INVITE Suppression Configuration
RFC 4028 Session Timers
Ingress Call Leg
Setting 200 OK’s Session-Expire value
Refresher
UAC does not Support Session Timers
Egress Call Leg
Outbound INVITE Message
No Session Timer Configuration
UAS Initial Response
UAS Returns Errors
Session Refreshes
Oracle® Enterprise Session Border Controller
as Refresher
Creating the Refresh Message
Processing the Refresh Response
Oracle® Enterprise Session Border Controller
as Refresh Responder
Processing the Refresh
Forwarding the Refresh
Timer Expiration
Interaction with SIP Features
sip-config option session-timer-support
sip-feature Support
sip-interface option suppress-reinvite
Examples
RADIUS Interim record Generation
ACLI Configuration
Verify Config Validation
show sipd status
8
Session Recording
SelectiveCall Recording SIPREC
SIPREC for Active Recording
Preserve SIPREC with SIP REFER Header
Configuring SIPREC
Session Recording Server (SRS)
Session Recording Group
Load Balancing
Session Recording Group within Logical Remote Entities
Selective Recording
High Availability (HA) Support
SIPREC Configuration Procedure
Session-recording-server Attribute
Session-recording-group Attribute (for HA only)
Realm-config Attribute
Session-agent Attribute
Sip-interface Attribute
SIPREC Ping
Configuring SIPREC Ping on the
Oracle® Enterprise Session Border Controller
.
Example SIPREC Ping Configuration
Metadata Contents
Show Commands for Recording Sessions
Show rec
Show rec redundancy
Codec Negotiation
SIPREC Call Flows
SIPREC Re-INVITE Collision and Back-off Support
Selective Recording
Normal Call (recording required)
Sample SDP and Metadata
Normal Call (recording not required)
Early Media Call (recording not required)
REFER Pass-Through Call (REFER handled by User Agent)
REFER Call (REFER handled by
Oracle® Enterprise Session Border Controller
)
SRS Indicates Busy in Call (recording not required)
Local Media Playback
Supported Capabilities and Caveats
Media Setup & Playback
Media Spirals
Supported Playback Scenarios
Playback on 183 Session Progress
REFER
Playback Header
ACLI Configuration and Examples
Considerations for HA Nodes
Alarms
Monitoring
9
H.323 Signaling Services
Peering Environment for H.323
Video-Conferencing Support
Video Conferencing Support for Polycom Terminals
Overview
Signaling Modes of Operation
Back-to-Back Gateway Signaling
Back-to-Back Gatekeeper Proxy and Gateway
Interworking Gatekeeper-Gateway
Realm Bridging with Static and Dynamic Routing
Before You Configure
Global H.323 Settings
Global H.232 Settings Configuration
Accessing Global H.323 Parameters
Global H.323 Settings
H.323 Interfaces
H.232 Interfaces Configuration
Identity and State
Realm and Interface Associations
H.323 Signaling Interface Settings
H. 323 System Resource Allocation
H.323 Service Modes
H.232 Service Modes Configuration
Configuring Gateway Only Settings
Gatekeeper Proxy Settings
H.323 Features
Fast Start Slow Start Translations
Fast Start to Slow Start Translation
Slow Start to Fast Start Translation
Slow Start Fast Start Prerequisites
Media Profile Configuration
Fast Start/Slow Start Configurations
H.235 Encryption
RFC 2833 DTMF Interworking
About RFC 2833
About H.245 UII
About 2833 to H.245 UII Interworking
Flow Control Mapping for Interworking Function (IWF) Video
About DTMF Transfer
Preferred and Transparent 2833
Preferred 2883 Support
Transparent 2833 Support
Basic RFC 2833 Negotiation Support
H.323 to H.323 Negotiation
Signal and Alpha Type Support
H.323 Endpoints
Translating H.245 UII to 2833 for H.323 Calls
RFC 2833 Mode Configuration
RFC 2833 Payload Configuration
RFC 2833 SA Configuration
H.323 Registration Proxy
H.235 Authentication Transparency
Unique CSA Per Registered Gateway
Virtual Call Signaling Address
Virtual RAS Address
RAS Message Proxy
About Setting Port Ranges
H.323 Registration Proxy Configuration
H.323 Registration Caching
Caveats for Registration Caching
Configuration Requirements
H.323 Registration Caching Configuration
Configuring the Gatekeeper Interface for Registration Caching
ACLI Registration Caching Configuration Example
H.245 Stage
Dynamic H.245 Stage Support
Dynamic H.245 Stage for Incoming Calls
Dynamic H.245 Stage for Outgoing Calls
H.245 Stage Configuration
H.323 HNT
Caveats
H.323 HNT Configuration
H.323 Party Number-E.164 Support
Signaling Only Operation
H.245
H.225
Maintenance Proxy Function
Maintenance Proxy Configuration
Applying TCP Keepalive to the H.323 Interface
Automatic Gatekeeper Discovery
Automatic Gatekeeper Configuration
H.323 Alternate Routing
Without Alternate Routing Enabled
With Alternate Routing Enabled
H.323 Alternate Routing Configuration
H.323 LRQ Alternate Routing
Caveats
H.323 LRQ RAS Retransmission Configuration
H.323 LRJ Limit Configuration
H.323 CAC Release Mechanism
H.323 CAC Release Configuration
H.323 Per-Realm CAC
Caveats
H.323 Per-Realm CAC Configuration
H.323 Bearer-Independent Setup
H.323 BIS Disabled
H.323 BIS Enabled
H.323 BIS Global Configuration
H.323 BIS Specific Configuration
TOS Marking for H.323 Signaling
H.323 Codec Fallback
Codec Fallback Disabled
Codec Fallback Enabled
H.323 Codec Fallback Configuration
H.323 TCS Media Sample Size Preservation
Media Sample Size Configuration
H.323-TCS H.245 Support for H.264 and G722.1
H.323-TCS Generic Video Configuration
H.323-TCS Generic Audio Configuration
International Peering with IWF and H.323 Calls
Default OLC Behavior Changed in Upgrade
Options
Global H.323 Options
H.323 Interface Options
H.323 Stack Monitoring
H.323 Stack Monitoring Configuration
H.323 Automatic Features
Alias Mapping
Call Hold and Transfer
Call Hold and Transfer Basic Call
Call Hold and Transfer Music on Hold
Call Hold and Transfer
Media Release for SS-FS Calls
Dependencies
Hold-and-Resume Procedure
H.323 and IWF Call Forwarding
Previous Behavior
New Behavior
H.323 Sample Call Flow
H.323 NOTIFY Support
Caveats
H.323 H.239 Support for Video+Content
Multiple Media Streams with the Same Payload
Support for Generic Capabilities
Support for H.239 Generic Messages
Support for Miscellaneous Indication
SIP-H.323 interworking with Dynamic Payload Types
Video Conferencing Support for Polycom Terminals
ACLI Signaling Mode Configuration Examples
Configuration Fields and Values for B2BGW Signaling
Back-to-Back Gatekeeper Proxy and Gateway
Interworking Gatekeeper-Gateway
Additional Information
About Payload Types
Payload Types for Standard Audio and Visual Encodings
About RAS Message Treatment
10
DNS ALG
Overview
Configuring DNS ALG Service
Before You Configure
DNS ALG Service Name Configuration
Identity Realm and Interface Addresses
DNS Server Attributes
DNS Transaction Timeout
DNS Transaction Timeout Configuration
Dynamic ACL for the HTTP-ALG
Dynamic Access Control List (ACL) Settings for the HTTP Application Layer Gateway (ALG)
Enable Dynamic Access Control List (ACL) for the HTTP Application Layer Gateway (ALG)
11
IWF Services
Access Network Application
Networking Peering Application
SIP and H.323
SIP H.323 Negotiation H.323 Fast Start
SIP to Fast Start H.323
H.323 Fast Start to SIP
SIP H.323 Negotiation H.323 Slow Start
H.323 SIP to Slow Start
H.323 Slow Start to SIP
Status and Codec Mapping
IWF Termination from H.323
IWF Termination During H.323 RAS
IWF RAS Registration Failure Code Mapping
IWF Termination from SIP
Q.850 Cause to H.323 Release Complete Reason
Codec Mapping
IWF Service Enhancements
SIP Redirect—H.323 LRQ Management
Redirect—LRQ Management Sample 1
Redirect—LRQ Management Sample 2
Redirect—LRQ Management Sample 3
SIP INFO and DTMF UII Management
Mid-Session Media Change
Enhanced Support for FAX Calls
Removing the T.38 Codec from an H.245 TCS
Early Media
Display Name Mapping
IWF Ringback Support
Sample 1 In-band Ringback without Progress Message
Sample 2 In-band Ringback with Progress Message
Sample 3 In-band Ringback without Alerting Message
Sample 4 Out-of-band Ringback without Progress Message
Sample Flow 5 Out-of-band Ringback with Progress Message
H.323 Endpoint-Originated Call Hold and Transfer
Basic Call
Hold
Music On Hold
Transfer
Conference
IWF Call Forwarding
New Behavior
H.323 Sample Call Flow
Media Release for H.323 SS-FS Calls for IWF
H.323
Hold-and-Resume Procedure
Additional IWF Steps
Dependencies
Before You Configure
H.323 Configuration
SIP Configuration
The Role of Local Policy
Local Policy in an IWF Session Initiated with H.323
Local Policy in an IWF Session Initiated with SIP
H.323-SIP Source Call Address Passthrough
Configure IWF
Topology Hiding for IWF with an Internal Home-Realm
IWF Topology Hiding Configuration
DTMF Support
DTMF Configuration
Applying the Media Profile
DTMF for all IWF translations
DMTF Support on a Per-Session-Agent Basis
RFC 2833 DTMF Interworking
About RFC 2833
About H.245 UII
About RFC 2833 to H.245 UII Interworking
About DTMF Transfer
Preferred and Transparent 2833
Preferred 2883 Support
Transparent 2833 Support
Payload Type Handling
Basic RFC 2833 Negotiation Support
H.323 to H.323 Negotiation
Signal and Alpha Type Support
H.323 to SIP Calls
SIP Endpoints
H.323 Non-2833 Interworking with SIP
How H.323 to SIP Calls Work
SIP INFO—RFC 2833 Conversion
IPv6 SIP INFO to RFC 2833 Telephone Event Interworking
RFC 2833 Interworking Configuration
RFC 2833 Mode for H.323 Stacks
RFC 2833 Payload for H.323
Configuring the SIP Interface
Configuring Session Agents
Enabling Payload Type Handling
DTMF Transparency for IWF
DTMF Transparency Configuration
RFC 2833 Packet Sequencing
RFC 2833 Packet Sequencing Configuration
Enhanced H.245 to 2833 DTMF Interworking
Enhancements Configuration
Setting the Minimum Signal Duration
SIP Tel URI Support
SIP Interface Configuration
Graceful DTMF Conversion Call Processing
IWF Inband Tone Option
IWF Inband Tone Configuration
RFC 3326 Support
Default Mappings
RFC 3326 Support Configuration
IWF Privacy Caller Privacy on Unsecure Networks
About the Presentation Indicator
H.323 to SIP IWF Call
Example 1 SETUP Sent from h323d to Remote H.323 Endpoints
Example 2 INVITE from h323d to sipd
SIP to H.323
Example INVITE from SIP End Point to sipd
IWF Privacy Caller Privacy on Secure Connections
H.323 to SIP IWF
Calls with Presentation Allowed
H.323 to SIP
Sample SETUP sent from h323d to Remote H323 Endpoints
SIP to H.323
Example 1 INVITE from sip EP to sipd
Example INVITE from sipd to h323d
IWF Privacy Extensions for Asserted Identity in Untrusted Networks
IWF Call Originating in H.323
Sample H.323 Setup from a Remote Endpoint
Sample SIP INVITE from the SBC to a SIP Endpoint
Before You Configure
P-Preferred-Identity Configuration
IWF Privacy for Business Trunking
A Call Originating in H.323
Sample SETUP Message from an H.323 Endpoint
Sample INVITE from the
Oracle® Enterprise Session Border Controller
to the SIP Endpoint
A Call Originating in SIP
Sample INVITE from a SIP Endpoint to the
Oracle® Enterprise Session Border Controller
Sample SETUP from the
Oracle® Enterprise Session Border Controller
to the H.323 Endpoint
allowCPN Configuration
Trunk Group Documentation
IWF COLP COLR Support
SIP to H.323 Calls
H.323 to SIP Calls
IWF COLP COLR Configuration
Options for Calls that Require the IWF
Global Configuration for H.323
Individual Configuration for H.323
Configuring H.323 SA Options
H.323 SA Options
Suppress SIP Reliable Response Support for IWF
suppress100rel Configuration
IWF Codec Negotiation H.323 Slow Start to SIP
IWF Codec Negotiation Configuration
IWF H.245 Signaling Support for G.726
H.245 and G.726 Configuration
Media Profile for H.245 and G.726 Configuration
Media Profile Configuration for Generic Audio Support
Flow Control Mapping for Interworking Function (IWF) Video
Customized G.729 Support
About Dynamic Payload Mapping
Customized G.729 Configuration
SIP-H.323 IWF Support for H.264 and H.263+
H.264 in H.323 (H.241)
Capabilities
H.264 Media Packetization
H.264 in SIP
H.264 Packetization Mode
H.264 IWF Conversions
IWF Unsupported Parameters
H.263+ in H.323
H.263+ in SIP
H.263+ IWF Conversions
IWF Unsupported Parameters
SIP-H.323 IWF in Video Conferencing Applications
International Peering with IWF and H.323 Calls
International Peering Configuration
IWF Codec Renegotiation for Audio Sessions
Codec Request Change from the SIP Side
Codec Request Change from the H.323 Side
Exceptional Cases
IWF Codec Renogotiation Configuration
12
Session Routing and Load Balancing
Routing Overview
Session Agents Session Groups and Local Policy
About Session Agents
SIP Session Agents
Session Agent Status Based on SIP Response
SIP Session Agent Continuous Ping
SIP SA Continuous Ping Configuration
H.323 Session Agents
Overlapping H.323 Session Agent IP Address and Port
Managing Session Agent Traffic
Session Agent Groups
Request URI Construction as Forwarded to SAG-member Session Agent
SIP Session Agent Group Recursion
About Local Policy
Routing Calls by Matching Digits
SIP and H.323 Interworking
Route Preference
DTMF-Style URI Routing
Add a Local Response Map
SIP Routing
Limiting Route Selection Options for SIP
About Loose Routing
About the Ingress Realm
About the Egress Realm
Ping Message Egress Realm Precedence
Normal Request Egress Realm Precedence
Session Agent Egress Realm Configuration
About SIP Redirect
Proxy Redirect
Tunnel Redirect
SIP Method Matching and To Header Use for Local Policies
SIP Methods for Local Policies
Routing Using the TO Header
H.323 Routing
Egress Stack Selection
Static Stack Selection
Policy-Based Stack Selection
Registration Caching
Gatekeeper Provided Routes
Back-to-Back Gateway
Back-to-Back Gatekeeper and Gateway
Interworking Gatekeeper Gateway
Load Balancing
Configuring Routing
Configuration Prerequisite
Configuration Order
Routing Configuration
Configuring Session Agents
Session Agent Group Configuration
SAG Matching for LRT and ENUM
Configuring Local Policy
Local Policy Matching for Parent Realms
SIP Session Agent DNS-SRV Load Balancing
Session Agent DNS-SRV Load Balancing Configuration
Answer to Seizure Ratio-Based Routing
ASR Constraints Configuration
Active Directory-based Call Routing
LDAP in the
Oracle® Enterprise Session Border Controller
LDAP Messages
LDAP Failure Events
Oracle® Enterprise Session Border Controller
Limitations using LDAP
Configuring LDAP
Configuring ldap-config
Configure ldap-transactions
Configuring ldap-cfg-attributes
Configuring policy-attributes
LDAP Error Messages
LDAP Show Commands
ENUM Lookup
How ENUM Works
Translating the Telephone Number
About NAPTR Records
About the
Oracle® Enterprise Session Border Controller
ENUM Functionality
Configurable Lookup Length
UDP Datagram Support for DNS NAPTR Responses
Custom ENUM Service Type Support
ENUM Failover and Query Distribution
ENUM Query Distribution
Failover to New enum-config
ENUM Server Operation States
Server Availability Monitoring
ENUM Server IP Address and Port
Caching ENUM Responses
Source URI Information in ENUM Requests
Operation Modes
Stateless Proxy Mode
Transaction Stateful Proxy
Session Stateful Proxy
B2BUA
Example ENUM Stateless Proxy
ENUM Configuration
Example
Configuring the Local Policy Attribute
Local Policy Example
CNAM Subtype Support for ENUM Queries
CNAM Unavailable Response
SIP Profile Inheritance
CNAM Subtype Support Configuration
Direct Inward Dial (DID)-Range-Based Local Routing Table (LRT)
Creating a DID-Range-Based LRT File
Configuring a DID-Range-Based LRT
Specifying the LRT Location
Enabling LRT Usage
Managing LRT using the Show LRT Command
LRT Entry Matching
LRT Entry Matching Configuration
LRT String Lookup
LRT String Lookup Configuration
Directed Egress Realm from LRT ENUM
Directed Egress Realm Configuration
SIP Embedded Route Header
SIP Embedded Route Header Configuration
LRT Lookup Key Creation
Arbitrary LRT Lookup Key
Hidden Headers for HMR and LRT lookup
Compound Key LRT Lookup
Retargeting LRT ENUM-based Requests
Re-targeting LRT ENUM-based Requests Configuration
Recursive ENUM Queries
Recursive ENUM Queries Configuration
Multistage Local Policy Routing
Routing Stages
Multi-stage Routing Source Realm
Network Applications
Multistage Routing Conceptual Example
Multistage Routing Example 2
Customizing Lookup Keys
Multistage Routing Lookup Termination
Global Local Policy Termination
Multistage Local Policy Routing Configuration
Maintenance and Troubleshooting
Traps
Routing-based RN and CIC
Routing-based RN Configuration
Codec Policies for SIP
Relationship to Media Profiles
Manipulation Modes
In-Realm Codec Manipulation
Codec Policy Configuration
Creating a Codec Policy
Applying a Codec Policy to a Realm
Applying a Codec Policy to a Session Agent
In-Realm Codec Manipulations
QoS Based Routing
Management
QoS Contraints Configuration
Configuring QoS Constraints
Applying QoS Constraint to a Realm
Using the Local Route Table (LRT) for Routing
Local Route Table (LRT) Performance
Local Routing Configuration
Configure Local Routing
Applying the Local Routing Configuration
Local Route Table Support for H.323 and IWF
IWF Considerations
ENUM LRT Responses
Telephony Fraud Protection
Telephony Fraud Protection Target Matching Rules
Telephony Fraud Protection File Activation
Telephony Fraud Protection Data Types and Formats
Configure Telephony Fraud Protection - ACLI
Refresh the Telephony Fraud Protection File - ACLI
Telephony Fraud Protection ACLI Show Commands
13
Number Translation
About Number Translation
Number Translation Implementation
Number Translation in SIP URIs
Session Translation in H.323 Messages
Number Translation Configuration Overview
Translation Rules
Translation Rules for Deleting Strings
Translation Rules for Adding Strings
Translation Rules for Replacing Strings
Session Translation
Applying Session Translations
Session Agent
Realm
Number Translation Configuration
Translation Rules
Session Translation
Number Translation Application
Other Translations
SIP NAT Translations
FQDN Mapping
14
Admission Control and QoS
About Call Admission Control
Bandwidth-Based Admission Control
Multi-Level Bandwidth Policy Nesting
Session Capacity- and Rate-based Admission Control
Constraints for Proxy Mode
CAC Policing and Marking for non-Audio non-Video Media
Bandwidth CAC Fallback Based on ICMP Failure
Bandwidth CAC Fallback Based on ICMP Failure Configuration
Bandwidth CAC for Aggregate Emergency Sessions
Bandwidth CAC for Aggregate Emergency Sessions Configuration
Admission Control for Session Agents
Session Agents Admission Control Configuration
Realm Bandwidth Configuration
SIP Admission Control Configuration
H.323 Admission Control Configuration
Session Agent Minimum Reserved Bandwidth
Session Agent Minimum Reserved Bandwidth Configuration
Aggregate Session Constraints for SIP
Aggregate Session Constraints Configuration
Applying Session Constraints in a SIP Interfaces
Configuring CAC Policing and Marking for non-Audio non-Video Media
Support for the AS Bandwidth Modifier
Media Profile Configuration
AS Modifier and Headroom Configuration
Offerless Bandwidth CAC for SIP
Offerless Bandwidth CAC for SIP Configuration
Shared CAC for SIP Forked Calls
Bandwidth Sharing Scenarios
Bandwidth Sharing Configuration
Configuring a SIP Profile
Applying a SIP Profile
RADIUS Accounting Support
Monitoring
Conditional Bandwidth CAC for Media Release
About Conditional Bandwidth CAC for Media Release
Details and Conditions
INVITEs UPDATEs Initially Received By
Oracle® Enterprise Session Border Controller
INVITEs UPDATEs Received by Second SBC
Conditional Admission with Per-user CAC
Conditional Bandwidth CAC Configuration
SIP Profile Configuration
Applying a SIP Profile
Configuring Require Header Option Tag
About QoS Reporting
Overview
QoS Statistics
Incremental QoS Updates
RADIUS Support
Configuring QoS
QoS Configuration
Accounting Configuration for QoS
QoS Accounting Configuration
Account Configuration
Account Server
Whitelists for SIP
What is a Whitelist
Whitelists Configuration
Configuration Exception
Verify Whitelist Configuration
How Whitelists Work
Whitelist Learning
Whitelist Learning Configuration
Rejected Messages Monitoring
15
Static Flows
About Static Flows
IPv6 / IPv4 Translations
About Network Address Translation ALG
NAPT
TFTP
Configuring Static Flows
Basic Static Flow Configuration Overview
Static Flow Configuration
Example Configuration: Bidirectional Static Flows
16
High Availability Nodes
Establishing Active and Standby Roles
Health Score
State Transitions
State Transition Sequences
HA Features
Multiple Rear Interfaces
Configuration Checkpointing
Gateway Link Failure Detection and Polling
Before Configuring a High Availability (HA) Pair
HA Node Connections
Virtual MAC Addresses
Virtual MAC Address Configuration
HA Node Connections
HA Node Connection Configuration
Rear Interfaces
Media Interface Virtual MAC Addresses
HA Node Parameters
HA Node Parameter Configuration
HA Node Peer Configuration
HA Node Health And State Configuration
High Availability on the Acme Packet 1100
Configure the Acme Packet 1100 for HA
Configure the Acme Packet 1100 Management Interface for HA
Configure the Acme Packet 1100 Network Interface for HA
Configure the Acme Packet 1100 for system redundancy
Synchronizing Configurations
Synchronize HA Peers
Using Configuration Checkpointing
HA Configuration Checkpointing
Manually Checking Configuration Synchronization
Media Interface Link Detection and Gateway Polling
Media Interface Link Detection and Gateway Polling Configuration
Media Interface Link Detection and Gateway Polling Configuration 2
Signaling Checkpointing
SIP Signaling Checkpointing
Signaling Checkpointing Configuration
Media State Checkpointing
Media State Checkpointing Configuration
HA Media Interface Keepalive
Impact to Boot-Up Behavior
HA Media Interface Keepalive Configuration
RTC Notes
HA
Protocol-Specific Parameters and RTC
Switchovers
Automatic Switchovers
Manual Switchovers
17
Security
Security Overview
Denial of Service Protection
Levels of DoS Protection
About the Process
Trusted Path
Address Resolution Protocol Flow
Untrusted Path
IP Fragment Packet Flow
Fragment Packet Loss Prevention
Static and Dynamic ACL Entry Limits
Dynamic Deny for HNT
Host and Media Path Protection Process
Session Director Access Control
Access Control for Hosts
Access Control End Point Classification Capacity and DoS
Media Access Control
Host Path Traffic Management
Traffic Promotion
Malicious Source Blocking
Blocking Actions
Protecting Against Session Agent Overloads
ARP Flood Protection Enhancements
Dynamic Demotion for NAT Devices
DDoS Protection from Devices Behind a NAT
Configuring DoS Security
Configuration Overview
Changing the Default
Oracle® Enterprise Session Border Controller
Behavior
Example 1 Limiting Access to a Specific Address Prefix Range
Example 2 Classifying the Packets as Trusted
Example 3 Installing Only Static ACLs
Access Control List Configuration
Host Access Policing
Configuring ARP Flood Protection
Access Control for a Realm
Configuring Overload Protection for Session Agents
Media Policing
Policing Methods
Session Media Flow Policing
Static Flow Policing
Configuration Notes
Session Media Flow Policing
Static Flow Policing
Media Policing Configuration for RTP Flows
Media Policing Configuration for RTCP Flows
Media Policing Configuration for Static Flows
RTP Payload Type Mapping
ITU-T to IANA Codec Mapping
SDP Anonymization
SDP Anonymization Configuration
Unique SDP Session ID
Unique SDP Session ID Configuration
TCP Synchronize Attack Prevention
About SYN
Server Vulnerability
Configuring TCP SYN Attack Prevention
Host Certificate Retrieval via SNMP
Host Certificate Retrieval Configuration
Transport Layer Security
The
E-SBC
and TLS
Supported Encryption
Suite B and Cipher List Support
TLS Ciphers
Mapping SSL3 to TLSv1 Ciphers
Minimum Advertised SSL/TLS Version
Minimum Advertised SSL/TLS Version Configuration
Signaling Support
Endpoint Authentication
Keeping Pinholes Open at the Endpoint
Key Usage Control
Key Usage List
Extended Key Usage List
Reusing a TLS Connection
TLS Configuration Process
Certificate Configuration Process
Configure the Certificate Record
Generating a Certificate Request
Import a Certificate Using the ACLI
Import a Certificate Using SFTP
Viewing Certificates
Brief Version
Detailed Version
Configure a TLS Profile
Applying a TLS Profile
Denial of Service for TLS
DoS for TLS Configuration
DoS protection for TLS Connections on the SIP Interface Configuration
Configuring the SIP Configuration
Configuring the Realm
Secure the ACP Communications Link with TLS
TLS Session Caching
TLS Session Caching Configuration
TLS Endpoint Certificate Data Caching
Inserting Customized SIP Headers in an Outgoing INVITE
Validating the Request-URI Based on Certificate Information
TLS Endpoint Certificate Data Caching Configuration
Untrusted Connection Timeout for TCP and TLS
Caveats
Untrusted Connection Timeout Configuration for TCP and TLS
Online Certificate Status Protocol
Caveats
Online Certificate Status Protocol Configuration
Unreachable OCSR
Unreachable OCSR Configuration
OCSR Status Monitoring
OCSR Access via FQDN
OCSR Access Configuration via IP Address
OCSR Access Configuration via FQDN
Direct and Delegated Trust Models
Direct Trust Model Configuration
Delegated Trust Model Configuration
Secure Real-Time Protocol (SRTP) for Software
Protocol Overview
Operational Modes
Single-Ended SRTP Termination
Back-to-Back SRTP Termination
SRTP Pass-Thru
ACLI Instructions
SDES Profile Configuration
Media Security Policy Configuration
Assign the Media Security Policy to a Realm
ACLI Example Configurations
Single-Ended SRTP Termination Configuration
Back-to-Back SRTP Termination Configuration
SRTP Pass-Thru Configuration
Security Policy
SRTP Re-keying
SRTP Re-keying Configuration
Modified ALCI Configuration Elements
ARIA Cipher Support
Hardware Requirements
Call Flow
ARIA Support Configuration
Secure and Non-Secure Flows in the Same Realm
Mode Settings in the Media Security Policy
For Incoming Flows
For Outgoing Flows
Using Security Associations for RTP and RTCP
ACLI Instructions and Examples
Egress Offer Format for SDES Profile Configuration
Supporting UAs with Different SRTP Capabilities
Receiving Offer SDP
Receiving Answer SDP
ACLI Instructions and Examples
Refining Interoperability
Multi-system Selective SRTP Pass-through
Hardware Requirements
Constraints
Operational Overview
Call Flows
Call Setup
Music on Hold
Call Transfer
Early Media
Multi-system Selective SRTP Pass-through with Media Release
Multi-system Selective SRTP Pass-through Configuration
Statistics
IDS Reporting
IDS Licensing
Basic Endpoint Demotion Behavior
Endpoint Demotion Reporting
SNMP Reporting
HDR Reporting
Endpoint Demotion SNMP Traps
Trusted to Untrusted Reporting
SNMP Reporting
Endpoint Demotion Trusted-to-Untrusted SNMP Trap
Endpoint Demotion Syslog Message
Event Log Notification Demotion from Trusted to Untrusted
Endpoint Demotion Configuration
Endpoint Demotion due to CAC overage
CAC Attributes used for Endpoint Demotion
Authentication Failures used for Endpoint Demotion
Endpoint Demotion Configuration on CAC Failures
IDS Phase 2 (Advanced Reporting)
License Requirements
Rejected SIP Calls
Rejected Calls Counter
Syslog Reporting of Rejected Calls
TCA Reporting of Denied Entries
Syslog Reporting of Denied Entries
CPU Load Limiting
Denied Endpoints
Maintenance and Troubleshooting
show sipd acls
18
Transcoding
Introduction
Transcoding Processing Overview
Transcoding Hardware
Transcoding Capacity
Transcodable Codec Details
T.38 FAX Support
Session Licensing
Software-based transcoding
Software-based transcoding alarms and traps
Opus Codec Transcoding Support
SILK Codec Transcoding Support
Transcoding Configuration
Defining Codec Policies
Ingress Policy
Egress Policy
Post Processing
Codec Policy Definition
Syntax
allow-codecs
order-codecs
Add on Egress
Packetization Time
Answer Processing and Examples
Unoffered Codec Reordering
Non-transcoded Call
Transcoded Call
Voice Transcoding
Voice Scenario 1
Voice Scenario 2
Voice Scenario 3
RFC 2833 Transcoding
RFC 2833 Scenario 1
RFC 2833 Scenario 2
FAX Transcoding
Defining G711FB
FAX Scenario 1
FAX Scenario 2
FAX Scenario 3
Transrating
Transrating Scenario 1
Default Media Profiles
Transcodable Codecs
Preferred Default Payload Type
Redefining Codec Packetization Time
mptime Support for Packet Cable
AMR-NB and AMR-WB Specifications
Configuring Transcoding
Codec Policy Configuration
ACLI Configuration Instructions
Naming Codec Policies
Removing Allowing and Adding Codecs
Ordering Codecs
Transrating Configuration
Applying a Codec Policy to a Realm
Media Profile Configuration
ACLI Configuration Instructions and Examples
Creating User-Defined Ptime per Codec
Media Type Subnames
SDP Parameter Matching
Using Subnames with Codec Policies
Subname Syntax and Wildcarding
Wildcarding add-codecs-on-egress
Media Type and Subname Configuration
Codec Policy Configuration with a Media Type with a Subname
Codec and Conditional Codec Policies for SIP
Relationship to Media Profiles
Manipulation Modes
In-Realm Codec Manipulation
Conditional Codec Policies
Conditional Codec Lists
Conditional Codec Operators
ACLI Instructions and Examples
Creating a Codec Policy
Applying a Codec Policy to a Realm
Applying a Codec Policy to a Session Agent
In-Realm Codec Manipulations
Asymmetric Dynamic Payload Types Enablement
Configure Transcoding for Asymmetric Dynamic Payload Types
Maintenance and Troubleshooting
show mbcd errors
show xcode api-stats
show xcode dbginfo
Viewing Active Audio and Video Call Statistics
Session Based Statistics
Flow Based Statistics
Transcoded audio stream example
Multiple audio stream example
Single audio stream example
show sipd codecs
show xcode xlist
show xcode session-byipp
show xcode session-byattr
show xcode session-byid
show xcode session-all
show xcode load
Logs
Alarms
show xcode load for software xcode
show xcode session-all
show xcode session-byid
show xcode session-byipp
Transcoding Capacity Traps
SRTP and Transcoding
SNMP
Acme Packet Codec and Transcoding MIB (ap-codec.mib)
Acme Packet System Management MIB (ap-smgmt.mib)
Acme Packet 6300 NIU Hotswap Guidelines
Network Interface Unit Removal/Replacement -- Standalone Node
NIU Removal/Replacement -- High Availability Deployment
19
Communications Monitoring Probe
Oracle® Communications Operations Monitor Mediation Engine
OCOM Mediation Engine on Different Sub-nets
Communications Monitor Configuration
Oracle Communications Operations Monitor (OCOM)
TLS Profile Configuration
Palladion Probe Enhancement
20
SIP Monitor & Trace
Introduction
Filters to Configure
Filter Objects
Creating Custom Filters
Creating a Custom Filter
Multiple Custom Filter Examples
Enabling Disabling SIP Monitoring & Tracing
Using Filters to Monitor on a Global-Basis
Using Filters when Monitoring Session Agents
Using Filters when Monitoring Realms
Global SA and Realm Filter Examples
Interesting Events
Interesting Events Configuration
Configuring a Trigger Window
Example
Dynamic Filters
Dynamic Filter Commands
Examples
Clearing all Dynamic Filters
Example
Clearing Event Monitoring Records
21
Personal Profile Manager (PPM) Proxy
Introduction
Net-Net ESD as ALG for HTTP HTTPS
Configuring the PPM Proxy on the Net-Net ESD
Private Settings on the Net-Net ESD
Public Settings on the Net-Net ESD
PPM XML Mapping to ACLI Parameters
Example PPM Proxy Configuration
22
Remote Site Survivability
How it Works
Normal Behavior Call Process
Remote Survivable Call Process Behavior
Entering Survivable Mode
Exiting Survivable Mode
Remote Site Survivability with a BroadSoft Server
Remote Site Survivability Configuration
Configure Remote Site Survivability
Configure the Ping Method for a Session Agent
Show Survivability Command
Show Command for Survivability Status
Show Commands for Survivability
Show Commands for Request Methods
Show Commands for Session Agents Interfaces and Realms
Historical Data Recording (HDR) for Survivability
Group survivability-sip-status
Group Statistics
Active Subscriptions
CallID Maps
Client Trans
DNS Results
DNS Sockets
DNS Trans
Dialogs
Load Rate
Media Pending
Media Sessions
ReINVITEs
Rejections
Req Drops
Resp Contexts
Saved Contexts
Server Trans
Sessions
Session Rate
Sockets
Subscriptions
Subscriptions High
SubscriptionsPerMax
Group survivability-sip-invites
Group Statistics
INVITE Requests
Locally Throttled
Response Codes
Response Retrans
Retransmissions
Transaction Timeouts
Group survivability-sip-register
Group Statistics
Locally Throttled
REGISTRATION Requests
Response Retrans
Retransmissions
Transaction Timeouts
Group Statistics
Application Errors
CAC BW Drop
CAC Session Drop
Drop Media Errors
Early Media Exps
Expired Sessions
Exp Media Drops
Invalid Messages
Invalid Requests
Invalid Responses
Media Exp Events
Media Failure Drops
Multiple OK Drops
Multiple OK Terms
Non-ACK 2xx Drops
SDP Answer Errors
SDP Offer Errors
SNMP Trap for Survivability
Survivability Alarms and Logging
Transaction Errors
SIP Monitor & Trace Enhancements
SIPREC Call Data
Hairpin Call Data
SIP Monitor & Trace Ingress Egress Messages
23
Web Server TLS Configuration and Management Commands
Introduction
Configuring TLS on the Web Server
Process Overview
Configuring a Certificate
Configuring the Certificate Record
Generating a Certificate Request
Importing a Certificate Using the ACLI
Importing a Certificate Using FTP
PKCS #12 Container Import and Export Capability
Export to a PKCS #12 File
Import a PKCS #12 File
Secure the ACP Communications Link with TLS
Configuring a TLS Profile
Management Commands for the Web Server
Show ip connections Command
Show users Command
Kill <index> Command
24
Oracle SPL Plug-ins
Supported SPL Engines
SNMP Community
Load and Enable an SPL Plug-in
Upload an SPL Plug-in
Add an SPL Plug-in to the Configuration
Synchronize SPL Plug-in Files Across an HA Pair
Import and Export the
E-SBC
Configuration
Import and Export Restrictions
Configuration CSV Files
Create a CSV File
Enter Configuration Data Using a Text File
Import ACLI Command
Export an
E-SBC
Configuration to a CSV File
Lync Emergency Call SPL Plug-in
Set Lync Emergency Call Options on Realms, Session Agents, and SIP Interfaces
Example Playback-on-Refer Configuration
Inserting SIP Headers into SIPREC Metadata
Sample Metadata
Configure SIP Headers for SIPREC Metadata
Example Configuration
Example Configuration
Universal Call Identifier SPL
UCID-App-ID
GUCID-Node-ID
GUID-Node-ID
convert-to
Example SPL Options
Sample Metadata
Configuring Universal Call Identifier Options
Example Configuration
Comfort Noise (CN) Generation SPL
Configuring the CN Generation SPL
Example Configuration
High Availability (HA) Support
Licensing Information
Maintenance and Troubleshooting Commands for SPLs
show SPL
SPL Signature State
show running-config spl-config
show directory code spl
show spl-options
Deleting SPLs
SPL Log Types
Emergency Location Identification Number (ELIN) Gateway Support
How the Emergency Location Identification Number (ELIN) SPL Works
Configure the ELIN Gateway Option
Avaya Session Manager (SM) Redundancy
How Avaya Session Manager (SM) Redundancy Works
Session Manager Mapping
Map a Session Manager to a Session Border Controller
Configure Avaya Session Manager (SM) Redundancy
Avaya Client Failover
TCP/FIN Generation Configuration
Avaya Attended-Transfer-Enable SPL
Configure the Attended-Transfer-Enable SPL
25
Local Media Playback
Supported Local Media Playback Capabilities
Pre-Requisites
Media Setup & Playback
Media Spirals
Media Files
Supported Playback Scenarios
Playback on 183 Session Progress
REFER
Playback Header
ACLI Configuration and Examples
Set up the Playback Configuration
Set Playback Options on Realms, Session Agents, and SIP Interfaces
Playback Configuration Example
RTC Support
Considerations for HA Nodes
Alarms
Monitoring
26
Time Division Multiplexing
TDM Configuration
Set TDM Configuration Wizard
TDM Settings on the Session Delivery Manager
Configure Time Division Multiplexing
Quad-Span for TDM
ACLI Show Commands for TDM
Configure the Inbound TDM Policy
Configure the Outbound TDM Local Policy
A
System Recovery
Create the Acme Packet Boot Media
Restore the System from a USB Flash Drive
B
Additional SNMP Support
Overview
MIB Changes
SNMPv3 Support
Authentication and Privacy
Password-to-Key Conversion
Enabling SNMPv3
Retaining Existing SNMPv1v2 Behavior
Downgrading Software After Enabling SNMPv3
Consideration for HA Nodes
Enabling SNMPv3
Trap Receiver Configuration
Acme Packet Net-Net ESD MIB (ap-usbcsys.mib)
C
RTC Support
D
Configure the Web Server From the ACLI
E
RADIUS Authentication
PAP Handshake
PAP Client Request Example
PAP RADIUS Response
CHAP Handshake
CHAP Client Request Example
CHAP RADIUS Response
MS-CHAP-v2 Handshake
MS-CHAP-v2 Client Request Example
MS-CHAP-v2 RADIUS Response
Management Protocol Behavior
RADIUS Authentication Configuration
Global Authentication Settings
RADIUS Server Settings
F
TACACS+
TACACS+ Overview
TACACS+ Administrative Security
TACACS+ Authentication
ascii Login
PAP Login
CHAP Login
Authentication Message Exchange
TACACS+ Header
Authentication START Packet
Authentication REPLY Packet
Authentication CONTINUE Packet
Authentication Scenarios
ASCII Authentication
PAP Authentication
CHAP Authentication
TACACS+ Authorization
TACACS+ Authorization Command & Arguments Boundary
Authorization Message Exchange
Authorization REQUEST Packet
Authorization RESPONSE Packet
Authorization Scenarios
Authorization Pass
Authorization Fail
TACACS+ Accounting
Accounting Message Exchange
Accounting REQUEST Packet
Accounting REPLY Packet
Accounting Scenario
TACACS+ Configuration
Enable TACACS+ Client Services
Specify TACACS+ Servers
Managing TACACS+ Operations
TACACS+ MIB
SNMP Trap
TACACS+ Faults
ACLI show Command
TACACS+ Logging
G
Maintenance and Troubleshooting
Advanced Logging
Configure Advanced Logging - Command Line
Configuring Advanced Logging
Disable Advanced Logging - Command Line
Disable Advanced Logging - Configure Mode
Clear Advanced Logging Criteria - Command Line
View Advanced Logging Status - Command Line
TCP Connection Tools