realm-config

The realm-config element is used to configure realms.

Parameters

identifier
Enter the name of the realm associated with this Oracle Communications Session Border Controller. This is a required field. The identifier field value must be unique.
description
Provide a brief description of the realm-config configuration element
addr-prefix
Enter the IP address prefix used to determine if an IP address is associated with the realm. This field is entered as an IP address and number of bits in the network portion of the address in standard slash notation.
  • Default: 0.0.0.0
An IPV6 address is valid for this parameter.
network-interface
Enter the network interface through which this realm can be reached. Entries in this parameter take the form: <network-interface-ID>:<subport>.<ip_version>.

Note:

Only one network interface can be assigned to a single realm-config object.
mm-in-realm
Enable or disable media being steered through the Oracle Communications Session Border Controller when the communicating endpoints are located in the same realm
  • Default: disabled
  • Values: enabled | disabled
mm-in-network
Enable or disable media being steered through the Oracle Communications Session Border Controller when the communicating endpoints are located in different realms within the same network (on the same network-interface). If this field is set to enabled, the Oracle Communications Session Border Controller will steer all media traveling between two endpoints located in different realms, but within the same network. If this field is set to disabled, then each endpoint will send its media directly to the other endpoint located in a different realm, but within the same network.
  • Default: enabled
  • Values: enabled | disabled
mm-same-ip
Enable the media to go through this Oracle Communications Session Border Controller if the mm-in-realm . When not enabled, the media will not go through the Oracle Communications Session Border Controller for endpoints that are behind the same IP.
  • Default: enabled
  • Values: enabled | disabled
mm-in-system
Set this parameter to enabled to manage/latch/steer media in the Oracle Communications Session Border Controller. Set this parameter to disabled to release media in the Oracle Communications Session Border Controller.

Note:

Setting this parameter to disabled will cause the Oracle Communications Session Border Controller to NOT steer media through the system (no media flowing through this Oracle Communications Session Border Controller).
  • Default: enabled
  • Values: enabled | disabled
bw-cac-non-mm
Set this parameter to enabled to turn on bandwidth CAC for media release
  • Default: disabled
  • Values: enabled | disabled
msm-release
Enable or disable the inclusion of multi-system (multiple Oracle Communications Session Border Controllers) media release information in the SIP signaling request sent into the realm identified by this realm-config element. If this field is set to enabled, another Oracle Communications Session Border Controller is allowed to decode the encoded SIP signaling request message data sent from a SIP endpoint to another SIP endpoint in the same network to restore the original SDP and subsequently allow the media to flow directly between those two SIP endpoints in the same network serviced by multiple Oracle Communications Session Border Controllers. If this field is set to disabled, the media and signaling will pass through both Oracle Communications Session Border Controllers. If this field is set to enabled, the media is directed directly between the endpoints of a call.
  • Default: disabled
  • Values: enabled | disabled
qos-enable
Enable or disable the use of QoS in this realm
  • Default: disabled
  • Values: enabled | disabled
generate-udp-checksum
Enable or disable the realm to generate a UDP checksum for RTP/RTCP packets.
  • Default: disabled
  • Values: enabled | disabled

This parameter is visible only on Acme Packet 3800s and Acme Packet 4500s that do not have an ETC card installed. The function is enabled and not configurable on all other platforms.

max-bandwidth
Enter the total bandwidth budget in kilobits per second for all flows to/from the realm defined in this element. A max-bandwidth field value of 0 indicates unlimited bandwidth.
  • Default: 0
  • Values: Min: 0 / Max: 4294967295
fallback-bandwidth
Enter the amount of bandwidth available once the Oracle Communications Session Border Controller has determined that the target (of ICMP pings) is unreachable.
  • Default: 0
  • Values: Min: 0
max-priority-bandwidth
Enter the amount of bandwidth amount of bandwidth you want to want to use for priority (emergency) calls; the system first checks the max-bandwidth parameter, and allows the call if the value you set for priority calls is sufficient.
  • Default: 0
  • Values: Min: 0 | Max: 999999999
max-latency
This parameter is unsupported.
max-jitter
This parameter is unsupported.
max-packet-loss
This parameter is unsupported.
observ-window-size
This parameter is unsupported.
parent-realm
Enter the parent realm for this particular realm. This must reference an existing realm identifier.
dns-realm
Enter the realm whose network interface’s DNS server should be used to resolve FQDNs for requests sent into the realm. If this field value is left empty, the Oracle Communications Session Border Controller will use the DNS of the realm’s network interface.
media-policy
Select a media-policy on a per-realm basis (via an association between the name field value configured in this field). When the Oracle Communications Session Border Controller first sets up a SIP or H.323 media session, it identifies the egress realm of each flow and then determines the media-policy element to apply to the flow. This parameter must correspond to a valid name entry in a media policy element.
media-sec-policy

Name of default media security policy.

srtp-msm-passthrough
Enables multi system selective SRTP pass through in this realm.
  • Default: disabled
  • Values: enabled | disabled
class-profile
Enter the name of class-profile to use for this realm for ToS marking
in-translationid
Enter the identifier/name of a session-translation element. The Oracle Communications Session Border Controller applies this group of rules to the incoming addresses for this realm. There can be only one entry in this parameter.
out-translationid
Enter the identifier/name of a session-translation element. The Oracle Communications Session Border Controller applies this group of rules to the outgoing addresses for this realm. There can be only one entry in this parameter.
in-manipulationid
Enter the inbound SIP manipulation rule name
out-manipulationid
Enter the outbound SIP manipulation rule name
average-rate-limit
Enter the average data rate in bits per second for host path traffic from a trusted source
  • Default: 0 (disabled)
  • Values: Min: 0 | Max: 4294967295
access-control-trust-level
Select a trust level for the host within the realm
  • Default: none
  • Values:
    • high—Hosts always remains trusted
    • medium—Hosts belonging to this realm can get promoted to trusted, but can only get demoted to untrusted. Hosts will never be put in black-list.
    • low—Hosts can be promoted to trusted list or can get demoted to untrusted list
    • none—Hosts will always remain untrusted. Will never be promoted to trusted list or will never get demoted to untrusted list
invalid-signal-threshold
Enter the acceptable invalid signaling message rate falling within a tolerance window
  • Default: 0
  • Values: Min: 0 | Max: 4294967295
maximum-signal-threshold
Enter the maximum number of signaling messages allowed within the tolerance window
  • Default: 0 (disabled)
  • Values: Min: 0 | Max: 4294967295
untrusted-signal-threshold
Enter the allowed maximum signaling messages within a tolerance window.
  • Default: 0
  • Values: Min: 0 | Max: 4294967295
nat-trust-threshold
Enter maximum number of denied endpoints that set the NAT device they are behind to denied. 0 means dynamic demotion of NAT devices is disabled.
  • Default: 0
  • Values: Min: 0 | Max: 65535
max-endpoints-per-nat
Maximum number of endpoints that can exist behind a NAT before demoting the NAT device.
  • Default: 0 (disabled)
  • Values: Min: 0 | Max: 65535
nat-invalid-message-threshold
Maximum number of invalid messages that may originate behind a NAT before demoting the NAT device.
  • Default: 0 (disabled)
  • Values: Min: 0 | Max: 65535
wait-time-for-invalid-register
Period (in seconds) that the counts before considering the absence of the REGISTER message as an invalid message.
  • Default: 0 (disabled)
  • Values: Min: 0, 4-300
deny-period
Enter the length of time an entry is posted in the deny list
  • Default: 30
  • Values: Min: 0 / Max: 4294967295
cac-failure-threshold
Enter the number of CAC failures for any single endpoint that will demote it from the trusted queue to the untrusted queue for this realm.
  • Default: 0
  • Values: Min: 0 / Max:141842
untrust-cac-failure-threshold
Enter the number of CAC failures for any single endpoint that will demote it from the untrusted queue to the denied queue for this realm.
  • Default: 0
  • Values: Min: 0 / Max: 4294967295
ext-pol-server
Name of external policy server.
diam-e2-address-realm
The value inserted into a Diameter e2 Address-Realm AVP when a message is received on this realm.
symmetric-latching
Enable, disable and manage symmetric latching between endpoints for RTP traffic.
  • Default: disabled
  • enabled
  • disabled
  • pre-emptive - symmetric latching is enabled, but the SBC sends RTP packets to the received SDP connection address without waiting on the latch.
pai-strip
Enable or disable P-Asserted-Identity headers being stripped from SIP messages as they exit the Oracle Communications Session Border Controller. The PAI header stripping function is dependent on this parameter and the trust-me parameter.
  • Default: disabled
  • Values: enabled | disabled
trunk-context
Enter the default trunk context for this realm
early-media-allow
Select the early media suppression for the realm
  • Values:
    • none: No early media is allowed in either direction
    • both: Early media is allowed in both directions
    • reverse: Early media received by Oracle Communications Session Border Controller in the reverse direction is allowed
enforcement-profile
Enter the name of the enforcement profile (SIP allowed methods).
additional-prefixes
Enter one or more additional address prefixes. Not specifying the number of bits to use implies all 32 bits of the address are used to match.
add-additional-prefixes
Add one or more additional address prefixes. Not specifying the number of bits to use implies all 32 bits of the address are used to match.
remove-additional-prefixes
Remove one or more additional address prefixes. Not specifying the number of bits to use implies all 32 bits of the address are used to match.
restricted-latching
Set the restricted latching mode
  • Default: None
  • Values:
    • none: No restricted latching
    • sdp: Use the IP address specified in the SDP for latching purpose
    • peer-ip: Use the peer-ip (Layer 3 address) for the latching purpose
restriction-mask
Set the restricted latching mask value.
  • Default: 32
  • Values: Min: 1 | Max: 128
user-cac-mode
Set this parameter to the per user CAC mode that you want to use
  • Default: none
  • Values:
    • none—No user CAC for users in this realm
    • AOR—User CAC per AOR
    • IP—User CAC per IP
user-cac-bandwidth
Enter the maximum bandwidth per user for dynamic flows to and from the user. By leaving this parameter set to 0 (default), there is unlimited bandwidth and the per user CAC feature is disabled for constraint of bandwidth.
user-cac-sessions
Enter the maximum number of sessions per user for dynamic flows to and from the user. Leaving this parameter set to 0 (default), there is unlimited sessions and the CAC feature is disabled for constraint on sessions
  • Default: 0
  • Values: Min: 0 / Max: 999999999
icmp-detect-multiplier
Enter the multiplier to use when determining how long to send ICMP pings before considering a target unreachable. This number multiplied by the time set for the icmp-advertisement-interval determines the length of time
  • Default: 0
  • Values: Min: 0
icmp-advertisement-interval
Enter the time in seconds between ICMP pings the Oracle Communications Session Border Controller sends to the target.
  • Default: 0
  • Values: Min: 0
icmp-target-ip
Enter the IP address to which the Oracle Communications Session Border Controller should send the ICMP pings so that it can detect when they fail and it needs to switch to the fallback bandwidth for the realm.
  • Default: (empty)
monthly-minutes
Enter the monthly minutes allowed
  • Default: disabled
  • Values: Min: 0 / Max: 71582788
options
Enter any optional features or parameters
accounting-enable
Select whether you want accounting enabled within the realm
  • Default: enabled
  • Values: enabled | disabled
net-management-control
Enable or disable network management controls for this realm
  • Default: disabled
  • Values: enabled | disabled
delay-media-update
Enable or disable media update delay
  • Default: disabled
  • Values: enabled | disabled
refer-call-transfer
REFER call transfer
  • Default: disabled
  • Values: enabled | disabled | dynamic
refer-notify-provisional
Provisional mode for sending NOTIFY message
  • Default: none
  • Values:
    • none: no intermediate NOTIFY's are to be sent
    • initial: immediate 100 Trying NOTIFY has to be sent
    • all: immediate 100 Trying NOTIFY plus a NOTIFY for each non-100 provisional received by the SD are to be sent
dyn-refer-term
Enable or disable the Oracle Communications Session Border Controller to terminate a SIP REFER and issue a new INVITE. If the dyn-refer-term value is disabled (the default), proxy the REFER to the next hop to complete REFER processing. If the dyn-refer-termvalue is enabled, terminate the REFER and issue an new INVITE to the referred party to complete REFER processing.
  • Default: disabled
  • Values: enabled | disabled
codec-policy
Select the codec policy you want to use for this realm
codec-manip-in-realm
Enable or disable codec policy in this realm
  • Default: disabled
  • Values: enabled | disabled
codec-manip-in-network
Enable or disable codec policy in this network.
  • Default: enabled
  • enabled | disabled
constraint-name
Enter the name of the constraint you want to use for this realm
call-recording-server-id
Enter the name of the call recording server associated with this realm
session-recording-server
Name of the session-recording-server or the session-recording-group in the realm associated with the session reporting client. Valid values are alpha-numeric characters. session recording groups are indicated by prepending the groupname with SRG:
session-recording-required
Determines whether calls are accepted by the SBC if recording is not available.
  • Default: disabled
  • enabled—Restricts call sessions from being initiated when a recording server is not available.
  • disabled—Allows call sessions to initiate even if the recording server is not available.
xnq-state
set XNQ removal status within this realm
  • Default: disabled
  • Values: enabled | disabled
hairpin-id
hairpin id.
  • Default: 0
  • Values: 1-65535 | 0= disabled
manipulation-string
Enter a string to be used in header manipulation rules for this realm.
manipulation-pattern
Enter the regular expression to be used in header manipulation rules for this realm.
stun-enable
Enable or disable the STUN server support for this realm
  • Default: disabled
  • Values: enabled | disabled
stun-server-ip
Enter the IP address for the primary STUN server port
  • Default: 0.0.0.0
stun-server-ip
Enter the IP address for the primary STUN server port
  • Default: 0.0.0.0
stun-server-port
Enter the port to use with the stun-server-ip for primary STUN server port
  • Default: 3478
  • Values: Min. 1025 | Max. 65535
stun-changed-ip
Enter the IP address for the CHANGED-ADDRESS attribute in Binding Requests received on the primary STUN server port; must be different from than the one defined for the stun-server-ip
  • Default: 0.0.0.0
stun-changed-port
Enter the port combination to define the CHANGED-ADDRESS attribute in Binding Requests received on the primary STUN server port
  • Default: 3479
  • Values: Min. 1025 | Max. 65535
flow-time-limit
Enter the total time limit in seconds for the flow. The Oracle Communications Session Border Controller notifies the signaling application when this time limit is exceeded. This field is only applicable to dynamic flows. A value of 0 seconds disables this function and allows the flow to continue indefinitely.
  • Default: -1, which allows the system to use the global timer settings for this realm.
  • Values: Min: 0 / Max: 2147483647
initial-guard-timer
Enter the time in seconds allowed to elapse before first packet of a flow arrives. If first packet does not arrive within this time limit, Oracle Communications Session Border Controller notifies the signaling application. This field is only applicable to dynamic flows. A value of 0 seconds indicates that no flow guard processing is required for the flow and disables this function.
  • Default: -1, which allows the system to use the global timer settings for this realm.
  • Values: Min: 0 / Max: 2147483647
subsq-guard-timer
Enter the maximum time in seconds allowed to elapse between packets in a flow. The Oracle Communications Session Border Controller notifies the signaling application if this timer is exceeded. This field is only applicable to dynamic flows. A field value of zero seconds means that no flow guard processing is required for the flow and disables this function.
  • Default: -1, which allows the system to use the global timer settings for this realm.
  • Values: Min: 0 / Max: 2147483647
tcp-flow-time-limit
Enter the maximum time in seconds that a media-over-TCP flow can last
  • Default: -1, which allows the system to use the global timer settings for this realm.
  • Values: Min: 0 / Max: 2147483647
tcp-initial-guard-timer
Enter the maximum time in seconds allowed to elapse between the initial SYN packet and the next packet in a media-over-TCP flow
  • Default: -1, which allows the system to use the global timer settings for this realm.
  • Values: Min: 0 / Max: 2147483647
tcp-subsq-guard-timer
Enter the maximum time in seconds allowed to elapse between all subsequent sequential media-over-TCP packets
  • Default: -1, which allows the system to use the global timer settings for this realm.
  • Values: Min: 0 / Max: 2147483647
sip-profile
Enter the name of the sip-profile to apply to this realm.
sip-isup-profile
Enter the name of the sip-isup-profile to apply to this realm.
match-media-profiles
Enter the media profiles you would like applied to this realm in the form <name>::<subname>. See the Oracle Communications Session Border Controller Configuration Guide for information about wildcard values.
qos-constraints
Enter the name value from the QoS constraints configuration you want to apply to this realm
block-rtcp
Block RTCP from entering or leaving this realm.
  • Default: disabled
  • Values: enabled | disabled
hide-egress-media-update
Hide changes to ingress RTP egressing into this realm
  • Default: disabled
  • Values: enabled | disabled
subscription-id-type
Sets the supported Subscription ID Types and the subsequent values inserted into the Subscription-Id-Data AVP's in an AAR message for Rx transactions.
  • END_USER_NONE | END_USER_E164 | END_USER_SIP_URI | END_USER_IMSI
tcp-media-profile
A configured tcp-media-profile name to use within this realm. Used for MSRP.
stun-server-port
Enter the port to use with the stun-server-ip for primary STUN server port
  • Default: 3478
  • Values: Min. 1025 | Max. 65535
tcp-media-profile
A configured tcp-media-profile name to use within this realm. Used for MSRP.
monitoring-filters
Comma-separated list of monitoring filters used for SIP monitor and trace.
node-functionality
Sets the value inserted into the node-functionality AVP in Rf messages going into this realm.
  • P-CSCF
  • BGCF
  • IBCF
  • E-CSCF
  • "" - This indicates that this realm should revert to the global node-functionality value.
default-location-string
Used for NPLI functionality.
alt-realm-family
The realm name of the alternate realm, from which to use an IP address in the other address family. If this parameter is within an IPv4 realm configuration, you will enter an IPv6 realm name.
pref-addr-type
Order in which the a=altc: lines suggest preference.
  • Default: none
  • Values: none | ipv4 | ipv6
dns-max-response-size
Enter the maximum size of the DNS response to queries.
  • Default: 0; disabled
  • Value: 65535
session-max-life-limit
Enter the maximum interval in seconds before the system must terminate long duration calls. This value supercedes the value of session-max-life-limit in the sip-interface and sip-config configuration elements and is itself superceded by the value of session-max-life-limit in the session-agent configuration element.
  • Default: 0; disabled
  • Values: configurable number of seconds

Path

realm-config is an element under the media-manager path. The full path from the topmost ACLI prompt is: configure terminal > media-manager > realm-config.

Note:

This is a multiple instance configuration subelement.
Previous
Previous 		Next
Next
Go To Table Of Contents
Contents