Go to primary content
Oracle® Enterprise Session Border Controller ACLI Configuration Guide
Release E-CZ8.1.0
F19896-01
Next
Contents
Title and Copyright Information
About This Guide
1
Getting Started
Installation and Start-Up
Hardware Installation Process
Connecting to Your
Oracle® Enterprise Session Border Controller
Create a Console Connection
SSH Remote Connections
Accessing the System Via User and Admin Accounts
Accessing the System Using Custom SSH Credentials
Import Private SSH Key to Derive New SSH Host Keys
Import a Private SSH Key for the
E-SBC
as an SFTP Client
Delete an SSH Key
Configure SSH Ciphers
Verify SSH Ciphers
System Boot
Boot Parameters
Boot Parameter Definitions
Boot Flags
Setting Up System Basics
New System Prompt
Set Initial Passwords for Admin and User
Using the
Oracle® Enterprise Session Border Controller
Image
Obtaining a New Image
Copy an Image to the
Oracle® Enterprise Session Border Controller
using SFTP
System Image Filename
Booting an Image on Your
Oracle® Enterprise Session Border Controller
Boot Parameter Definitions
Booting from Flash Memory
Setting Up Product-Type, Features, and Functionality
Entitlement Provisioning
System Setup
Setup Product
Setup Entitlements
Editing and Viewing Features
License Keys and Self-Provisioned Entitlements Compatibility
Adding and Deleting License Keys
Add a License Key
Delete a License Key
View Installed Features, Entitlements, and Licenses
Setup Features on an HA Pair
Installation Wizard
About the Installation Wizard
Run Setup
Enable Basic Mode and or Expert Mode
Set Up High Availability Mode
RADIUS Authentication
PAP Handshake
PAP Client Request Example
PAP RADIUS Response
CHAP Handshake
CHAP Client Request Example
CHAP RADIUS Response
MS-CHAP-v2 Handshake
MS-CHAP-v2 Client Request Example
MS-CHAP-v2 RADIUS Response
Management Protocol Behavior
RADIUS Authentication Configuration
Global Authentication Settings
RADIUS Server Settings
TACACS+
TACACS+ Overview
TACACS+ Administrative Security
TACACS+ Authentication
ascii Login
PAP Login
CHAP Login
Authentication Message Exchange
TACACS+ Authorization
TACACS+ Authorization Command & Arguments Boundary
Authorization Message Exchange
TACACS+ Accounting
Accounting Message Exchange
TACACS+ Configuration
Enable TACACS+ Client Services
Specify TACACS+ Servers
Managing TACACS+ Operations
TACACS+ MIB
SNMP Trap
TACACS+ Faults
ACLI show Command
TACACS+ Logging
Customizing Your ACLI Settings
Disabling the Second Login Prompt
Disabling the Second Login Prompt Configuration
Persistent ACLI more Parameter
Persistent ACLI more Parameter Configuration
Customized Login Banner
2
System Configuration
Configuring The
Oracle® Enterprise Session Border Controller
as a Virtual Machine (VM)
CPU Core Configuration
System Shutdown
General System Information
System Identification
Connection Timeouts
Configuring General System Information
System Identification
Configuring Connection and Debug Logging Timeouts
System Configuration
Configure General System Identification
Configuring Connection and Debug Logging Timeouts
Phy-Interfaces
Before You Configure
Phy-Interface Configuration
Interface Utilization: Graceful Call Control, Monitoring, and Fault Management
Calculation Overview
Alarms
Alarm Configuration
Configuring Utilization Thresholds for Media Interfaces
Configuring Graceful Call Control
Network Interfaces
IP Configuration
VLANs
Overlapping Networks
Administrative Applications Over Media Interfaces
Configurable MTU Size
Network Interface Configuration
Special Considerations
Network Interfaces Configuration
IP Configuration and Identification
VLAN Configuration
HIP Address Configuration
Configurable MTU Size
System Wide MTU Size
IP Identification (ID) Field
IP Identification Field Configuration
SNMP
Syslog and Process Logs
Overview
Process Log Messages
Syslog and Process Logs Configuration
Syslog Configuration
Configure the Process Log Server
Host Routes
Host Routes Example
Host Route Configuration
Setting Holidays in Local Policy
Holidays Configuration
Opening TCP Ports 3000 and 3001
Enable System to Connect to SDM
DNS on the OCSBC
DNS Configuration
Retransmission Logic
DNS Support for IPv6
DNS Transaction Timeout
DNS Transaction Timeout Configuration
DNS Entry Maximum TTL
DNS Entry Max TTL Configuration per Network Interface
DNS-SRV Session Agent Recursion Error Handling
Interface and Realm Support of DNS Servers
DNS Re-query over TCP
DNS Re-query over TCP Config
Configurable DNS Response Size
DNS Response Size Configuration
Disabling Recursive DNS Queries for ENUM
DNS Server Status via SNMP
Persistent Protocol Tracing
About Persistent Protocol Tracing
About the Logs
Process Logs
Communication Logs
Protocol Trace Logs
Persistent Protocol Tracing Configuration
System Access Control
Adding an ACL for the Management Interface
Notes on Deleting System ACLs
System TCP Keepalive Settings
System TCP Keepalive Configuration
Configurable TCP Timers
Configuring TCP Connection Establishment
Configuring TCP Data Retransmission
Timer for Idle Connections
RAMdrive Log Cleaner
Applicable Settings
Clean-Up Procedure
Clean-Up Frequency
RAMdrive Log Cleaner Configuration
Configurable Alarm Thresholds and Traps
SNMP Traps
Alarm Thresholds Configuration
Alarm Synchronization
Caveats
Alarm Synchronization Configuration
Accounting Configuration
Stream Control Transfer Protocol Overview
SCTP Packets
SCTP Terminology
SCTP Message Flow
Congestion Control
Multi-Streaming
Delivery Modes
Multi-Homing
Multi-Homing and Path Diversity
Monitoring Failure Detection and Recovery
Configuring SCTP Support for SIP
Configuring an SCTP SIP Port
Configuring the Realm
Configuring Session Agents
Setting SCTP Timers and Counters
Setting the RTO
Setting the Heartbeat Interval
Setting the SACK Delay Timer
Limiting DATA Bursts
Setting Endpoint Failure Detection
Setting Path Failure Detection
Specifying the Delivery Mode
Example Configurations
Phy Interface Configuration
Network Interface Configuration
SIP Port Configuration
Realm Configuration
Session Agent Configuration
IPv6 Address Configuration
Access Control
Host Route
Local Policy
Network Interface
ENUM Server
Realm Configuration
Session Agent
SIP Configuration
SIP Interface SIP Ports
Steering Pool
System Configuration
TSCF Configuration
IPv6 Support for Management and Telemetry
IPv6 Default Gateway
IPv6 Link Local Addresses
Network Interfaces and IPv6
IPv6 Reassembly and Fragmentation Support
Access Control List Support
Data Entry
Homogeneous Realms
Parent-Child Network Interface Mismatch
Address Prefix-Network Interface Mismatch
RADIUS Support for IPv6
Supporting RADIUS VSAs
NTP Synchronization
Setting NTP Synchronization
Authenticated NTP
Monitoring NTP from the ACLI
View Statistics
View Status
3
Realms and Nested Realms
Overview
About Realms and Network Interfaces
About the SIP Home Realm
About Realms and Other
Oracle® Enterprise Session Border Controller
Functions
Realms
Before You Configure
Realm Configuration
Identity and IP Address Prefix
Realm Interfaces
Realm Service Profile
QoS Measurement
QoS Marking
Address Translation Profiles
Interface and Realm Support of DNS Servers
DoS ACL Configuration
Enabling RTP-RTCP UDP Checksum Generation
Aggregate Session Constraints Per Realm
Admission Control Configuration
Nested Realms
Nested Realms
Configuring Nested Realms
Parent and Child Realm Configuration
Required Signaling Service Parameters
Aggregate Session Constraints Nested Realms
Impact to Other Session Constraints and Emergency Calls
Session Contraints Configuration
Realm-Based Packet Marking
About TOS DiffServ
ToS Byte
DiffServ Byte
Packet Marking for Media
Configuring Packet Marking by Media Type
Packet Marking Configuration
Applying a Media Policy to a Realm
Signaling Packet Marking Configuration
Configuring a Media Policy for Signaling Packet Marking
Applying a Media Policy to a Realm
Using Class Profile for Packet Marking
Class Profile and Class Policy Configuration
Applying a Class Policy to a Realm
SIP-SDP DCSP Marking ToS Bit Manipulation
ToS Bit Manipulation Configuration
Steering Pools
Configuration Overview
Steering Pool Configuration
SDP Alternate Connectivity
SDP Alternate Connectivity Configuration
Multiple Interface Realms
Steering Pool Port Allocation
Network Interface Configuration
Creating Steering Pools for Multiple Interface Realms
Media over TCP
TCP Bearer Conditions
TCP Port Selection
SDP Offer Example
Timers
TCP Port Configuration
Transparent BFCP Support over UDP and TCP
Restricted Media Latching
About Latching
Restricted Latching
Symmetric Latching
Relationship to Symmetric Latching
Example 1
Example 2
Restricted Latching Configuration
Media Release Across SIP Network Interfaces
Media Release Configuration
Media Release Behind the Same IP Address
Additional Media Management Options
Configuring Media Release Behind the Same IP Address
Bandwidth CAC for Media Release
Bandwidth CAC Configuration
Media Release between Endpoints with the Same IP Address
Media Release Configuration
Media Release Behind the Same NAT IP Address
Media Release Configuration
Codec Reordering
Preferred Codec Precedence
Codec Reordering Configuration
Setting a Preferred Codec for a Realm
Setting a Preferred Codec for a Session Agent
Media Profiles Per Realm
Call Admission Control and Policing
Media Profile Configuration
About Wildcarding
Multiple Media Profiles
Use Case 1
Use Case 2
Multiple Media Profiles Configuration
SIP Disable Media Inactivity Timer for Calls Placed on Hold
Media Inactivity Timer Configuration
Media Manager Configuration for Virtual Machines (VM)
4
SIP Signaling Services
About the
Oracle® Enterprise Session Border Controller
and SIP
Types of SIP Devices
Basic Service Models
About B2BUA
SIP B2BUA Peering
B2BUA Hosted IP Services
SIP B2BUA and L3 L5 NAT
About SIP Interfaces
SIP INVITE Message Processing
Example
Configuring the
Oracle® Enterprise Session Border Controller
for SIP Signaling
Home Realm
Overview
SIP NAT Function
Home Realm’s Purpose
Home Realm Configuration
SIP Interfaces
Overview
About SIP Ports
Preferred SIP Port
Proxy Mode
Redirect Action
SIP maddr Resolution
SIP maddr Resolution Configuration
Trust Mode
About the Process
Call Duration Counters
Configurable Timers and Counters
Timer to Tear Down Long Duration Calls
Timer to Tear Down Long Duration Calls Configuration
SIP Interface Configuration
Configuring SIP Ports
Recurse 305 Only Redirect Action
Redirect Action Process
Redirect-Action Set to Proxy
Redirect-Action Set to Recurse
Redirect-Action Set to Recurse-305-Only
Redirect Configuration for SIP Interface
Embedded Routes in Redirect Responses
SIP PRACK Interworking
UAC-Side PRACK Interworking
UAS-Side PRACK Interworking
PRACK Interworking Configuration
Global SIP Timers
Overview
Timers Configuration
SIP Timers Discreet Configuration
Session Timer Support
Call Flow Example
SIP Per-User CAC
Per User CAC Modes
Per User CAC Sessions
Per User CAC Bandwidth
Notes on HA Nodes
SIP per User CAC Configuration
SIP Per-Realm CAC
SIP per Realm CAC Configuration
Enabling Realm-Based CAC
Viewing Realm-Based CAC Data
SIP Options Tag Handling
Overview
Configuration Overview
SIP Option Tag Handling Configuration
Replaces Header Support
New SDP Parameters in INVITE with Replaces
Early Dialog Replacement
INVITE with Replaces in Early Dialog Server Side
Replace Header Configuration
Debugging
show sipd status
show sipd errors
SIP Options
Overview
Global SIP Options
SIP Interface Options
SIP Session Agent Options
SIP Realm Options
SIP Realm Options Configuration
Configuring Multiple Options
Adding an Entry
SIP Security
Denial of Service Protection
Levels of DoS Protection
Configuration Overview
SIP Unauthorized Endpoint Call Routing
SIP Unauthorized Endpoint Call Routing Configuration
Digest Authentication with SIP
Challenge-Responses in Requests not in the Dialog
Configuring Digest Authentication
Additional Notes
Digest Authentication and High Availability
SIP NAT Function
Overview
NAT Modes
Adding a maddr Parameter to a URI
About Headers
Replacing Headers
Mapping FQDNs
SIP NAT Function Cookies
userinfo
host
URL Parameter
tel URL
Configuration Overview
SIP NAT Interface
SIP NAT Function Policies
SIP NAT Function Configuration
SIP Realm Bridging
About SIP NAT Bridging
SIP NAT Bridge Configuration Scenarios
Many to One Configuration
One-to-One Configuration
SIP NAT Bridge Configuration
Creating a Virtual Home Network
Many-to-One Configuration
One-to-One Configuration
Shared Session Agent
SIP Hosted NAT Traversal (HNT)
About SIP HNT
Using HNT with Existing NAT Device
Registering Endpoints
Establishing Media Flows
Prerequisites
Keeping the NAT Binding Open
Working with Multiple Domains
HNT Configuration Overview
SIP HNT Single Domain Example
SIP HNT Multiple Domain Example
HNT Configuration
Global SIP Configuration
Keep-Alive with CR LF 2832
Keep-alive Configuration
SIP Registration Local Expiration
SIP Registration Local Expiration Configuration
Simultaneous TCP Connection and Registration Cache Deletion
Registration Cache Deletion Configuration
SBC Incorrectly Appends Cookie in SIP REGISTER Message
process-implicit-tel-URI Configuration
SIP HNT Forced Unregistration
When to Use Forced Unregistration
Caution for Using Forced Unregistration
SIP HNT Forced Unregistration Configuration
Adaptive HNT
Overview
Adaptive HNT Example
Synchronize A-HNT Successful Timer to Standby
Adaptive NHT Configuration
SIP IP Address Hiding and NATing in XML
Sample SIP NOTIFY with NATed XML
SIP Server Redundancy
Overview
Configuration Overview
SIP Server Redundancy Configuration
Administratively Disabling a SIP Registrar
Considerations for Implicit Service Route Use
Manual Trigger Configuration
Manual Trigger Confirmation
Surrogate Agents and the
Oracle® Enterprise Session Border Controller
Surrogate Agent Refresh on Invalidate
Invalidate Registrations
Performance Impact
Media Inactivity Timer Configuration
Surrogate Registration
Registration
Routing Calls from the IP-PBX
Configure Surrogate Registration
Example
SIP Distributed Media Release
Overview
Endpoint Locations
Location of the Encoded Information
Example Distributed Media Release
Overview of SIP DMR Configuration
SIP DMR Configuration
Configuring the Realm
Add-On Conferencing
Overview
Caveats
Add-On Conferencing Scenario
SIP B2BUA Functionality
Contact Header Processing
Target Mapping and Conferences
Refer-To Header Processing
Add-on Conferencing Configuration
SIP REFER Method Call Transfer
Unsuccessful Transfer Scenarios
Call Flows
SIP REFER Method Configuration
REFER-Initiated Call Transfer
Supported Scenarios
Call Flows
REFER Source Routing
REFER Source Routing Configuration
180 & 100 NOTIFY in REFER Call Transfers
Sample Messages
180 and 100 NOTIFY Configuration
SIP REFER Re-Invite for Call Leg SDP Renegotiation
Scenario
Alterations to SIP REFER
Implementation Details
SIP REFER with Replaces
SIP REFER with Replaces Configuration
SIP REFER-to-BYE
SIP hold-refer-reinvite
Enable hold-refer-reinvite - ACLI
SIP Roaming
Overview
Process Overview
Using Private IPv4 Addresses
Example 1 With a NAT Firewall
Example 2 Without a NAT Firewall
SIP Roaming Configuration
Embedded Header Support
Embedded Header Support Configuration
Dialog Transparency
Overview
Dialog Transparency Configuration
Route Header Removal
Route Header Removal Configuration
SIP Via Transparency
SIP Via Transparency Configuration
Symmetric Latching
Symmetric Latching Configuration
Enabling RTCP Latching
SIP Number Normalization
Terminology
Calls from IP Endpoints
Calls from IP Peer Network
SIP Number Normalization Configuration
Realm
Session Agent
SIP Port Mapping
About SIP Port Mapping
How SIP Port Mapping Works
SIP Port Mapping Based on IP Address
About NAT Table ACL Entries
Using SIP Port Mapping
Dynamic Configuration
Registration Statistics
SIP Port Mapping Configuration
SIP Port Mapping for TCP and TLS
SIP Port Mapping Configuration for TCP TLS
Terminating Trunk Group URI Parameters and Formats
SIP Configurable Route Recursion
Example 1
Example 2
SIP Route Recursion Configuration
Configuring a Session Agent for SIP Route Recursion
Configuring a SIP Interface for SIP Route Recursion
SIP Event Package Interoperability
SIP Event Package Interoperability Configuration
SIP Proxy Subscriptions
Topology Hiding
Feature Interaction
SIP Proxy Subscription Configuration
SIP REGISTER Forwarding After Call-ID Change
SIP REGISTER Forwarding Configuration
SIP Local Response Code Mapping
SIP Local Response Code Mapping Configuration
Creating a SIP Response Code Map
Assigning SIP Response Code Maps to Session Agents
Assigning SIP Response Code Maps to SIP Interfaces
Session Agent Ping Message Formatting
Session Agent Ping Message Formatting Configuration
SIP PAI Stripping
SIP PAI Stripping Configuration
SIP Statuses to Q.850 Reasons
SIP-SIP Calls
Configure Reason and Cause Mapping for SIP-SIP Calls
Adding the Reason Header
Calls Requiring IWF
Default Mappings
SIP Status
Trunk Group URIs
Terminology
Trunk Group URI Parameters
Originating Trunk Group URI Parameters and Formats
Terminating Trunk Group URI Parameters and Formats
Trunk Group Signaling Parameters
SIP Header and Parameter Manipulation
Trunk Group Routing
Trunk Group URIs and SIP Registration Caching
Trunk Group URI Configuration
Precedence Used for Trunk Group Configurations
Configuring SIP Manipulations
Setting the Trunk Group URI Mode for Routing
Configuring a Session Agent for Trunk Group URIs
Configuring a Session Agent Group for Trunk Group URIs
Setting a Trunk Group Context in a Realm
Using this Feature with a SIP Interface
Example 1 Adding Originating Trunk Group Parameters in IPTEL Format
Example 2 Adding Originating Trunk Group Parameters in Custom Format
Example 3 Removing IPTEL Trunk Group Names
Example 4 Removing Custom Trunk Group Names
Emergency Session Handling
Emergency Session Handling Configuration Procedures
Emergency Session Handling Configuration
Setting Policy Priority
Fraud Prevention
Fraud Prevention Configuration
SIP Early Media Suppression
Example
Early Media Suppression Support
Call Signaling
Suppression Duration
About the Early Media Suppression Rule
Session Agent Rule
Rule Resolution
Selective Early Media Suppression
Configuring the Realm
Configuring Session Agents
Configuring Realm Groups
SDP-Response Early Media Suppression
SIP-Based Addressing
SDP-Based Addressing
Global Realms
Additional Prefixes
Using the SDP-Response Early Media Suppression Rule
Example
Configuring SDP-Response Early Media Suppression
Configuring the SIP Interface
Configuring a Realm
SIP Duplicate SDP Suppression
SIP Duplicate SDP Suppression Configuration
SIP SDP Address Correlation
SIP SDP Address Correlation Configuration Address Checking
SIP SDP Address Correlation Configuration Mismatch Status Code
SIP SDP Address Correlation Configuration Enforcement Profile
SDP Insertion for (Re)INVITEs
SDP Insertion for SIP INVITES
SDP Insertion for SIP ReINVITEs
SDP Insertion Configuration
Configuring SDP Insertion for SIP INVITEs
Configuring SDP Insertion for SIP ReINVITEs
Restricted Media Latching
About Latching
Restricted Latching
Symmetric Latching
Relationship to Symmetric Latching
Example 1
Example 2
Restricted Latching Configuration
Enhanced SIP Port Mapping
Anonymous Requests
Anonymous SIP Requests Configuration
SIP Registration Via Proxy
Considerations for Reg-Via-Key and Port Mapping
Request Routing
SIP Registration Via Proxy Configuration
Dynamic Transport Protocol Change
Dynamic Transport Protocol Change Configuration
SIP Privacy Extensions
Privacy Types Supported
user
header
id
Examples
Calls from Untrusted Source to Trusted Target
Calls from Trusted to Untrusted
Calls from Trusted to Trusted
Configuring SIP Privacy Extensions
Trust Mode
Disabling the PPI to PAI Change
SIP Registration Cache Limiting
About Registration Cache Additions Modifications and Removals
Registration Cache Alarm Threshold
Notes on Surrogate Registration
Monitoring Information
SIP Registration Cache Limiting Configuration
SIP Registration Overload Protection
SIP Registration Overload Protection Configuration
SIP Request Method Throttling
About Counters and Statistics
SIP Request Method Throttling Configuration
Rate Constraints for SIP Interfaces
Applying Session and Rate Constraints to a SIP Interface
Configuring Rate Constraints for Session Agents
SIP Delayed Media Update
Delayed Media Update Disabled
Delayed Media Update Enabled
SIP Delayed Media Update Configuration
Expedited Call Leg Release for Preempted Hairpin Calls
Accounting Considerations
SIPconnect
Modifications to Registration Caching Behavior
Configuring SIP Connect Support
Required Configuration
Suggested Additional Configuration
SIP Connect Configuration
SIP Registration Event Package Support
Updating Expiration Values
Contact Cache Linger Configuration
SIP Event Package for Registrations
Applicable Standards
Call Flow
Notification Bodies
SIP Event Package for Registrations Configuration
SIP Transport Selection
SIP Transport Selection Configuration
SIP Method-Transaction Statistic Enhancements
SIP Method Tracking Enhancements Configuration
SIP TCP Connection Reuse
SIP TCP Connection Reuse Configuration
SIP TCP Keepalive
SIP TCP Keepalive Configuration for Session Agents
SIP TCP Keepalive Configuration for SIP Interfaces
TCP Connection Tools
TCP and SCTP State Connection Counters
show sipd tcp connections
show sipd tcp
Updated Show Commands
show ip
show sipd
SIP Enforcement Profile and Allowed Methods
SIP Enforcement Profile Configuration
Setting Up and Enforcement Profile
Applying an Enforcement Profile
Enforcement Profile Configuration with subscribe-event
Setting Up Subscribe Dialog Limits
Applying an Enforcement Profile to a Realm
P-Certificate-Subject-Common-Name to REGISTER Messages
Configure the P-Certificate-Subject-Common-Name From the ACLI
Local Policy Session Agent Matching for SIP
Local Policy Session Agent Matching Configuration
SCTP Delivery Mode Configuration
About Wildcarding
Monitoring
STUN Server
About STUN Messaging
STUN Server Functions on the
Oracle® Enterprise Session Border Controller
RFC 3489 Procedures
rfc3489bis Procedures
Monitoring
STUN Server Configuration
SIP ISUP Features
SIP Diversion to SIP-ISUP Interworking
SIP-ISUP Configuration
SIP ISUP Profile Configuration
SIP-ISUP Configuration
SIP-ISUP Format Version Interworking
Details
SIP-ISUP Format Interworking Configuration
SIP-ISUP Format Interworking Configuration
SIP GRUU
Contact Header URI Replacement
Record-Route Addition
GRUU URI Parameter Name
SIP GRUU Configuration
SIP Session Timer Feature
How the Session Timer Feature Works
SIP Session Timer Configuration
DTMF Conversion Processing
SIP-KPML to RFC 2833 Conversion for DTMF Events
SIP KPML to RFC 2833 Negotiation
RFC 2833 to SIP KPML Negotiation
KPML-2833 Interworking on a SIP Interface Configuration
LMSD SIP Call Progress Tone Interworking
LMSD Interworking Configuration
SIP re-INVITE Suppression
SIP re-INVITE Suppression Configuration
RFC 4028 Session Timers
Ingress Call Leg
Setting 200 OK’s Session-Expire value
Refresher
UAC does not Support Session Timers
Egress Call Leg
Outbound INVITE Message
No Session Timer Configuration
UAS Initial Response
UAS Returns Errors
Session Refreshes
Oracle® Enterprise Session Border Controller
as Refresher
Creating the Refresh Message
Processing the Refresh Response
Oracle® Enterprise Session Border Controller
as Refresh Responder
Processing the Refresh
Forwarding the Refresh
Timer Expiration
Interaction with SIP Features
sip-config option session-timer-support
sip-feature Support
sip-interface option suppress-reinvite
Examples
RADIUS Interim record Generation
ACLI Configuration
Verify Config Validation
show sipd status
5
Signaling
H.323 Signaling Services
Peering Environment for H.323
Video-Conferencing Support
Overview
Signaling Modes of Operation
Back-to-Back Gateway Signaling
Back-to-Back Gatekeeper Proxy and Gateway
Interworking Gatekeeper-Gateway
Realm Bridging with Static and Dynamic Routing
Before You Configure
Global H.323 Settings
Global H.232 Settings Configuration
Accessing Global H.323 Parameters
Global H.323 Settings
H.323 Interfaces
H.232 Interfaces Configuration
Identity and State
Realm and Interface Associations
H.323 Signaling Interface Settings
H. 323 System Resource Allocation
H.323 Service Modes
H.232 Service Modes Configuration
Configuring Gateway Only Settings
Gatekeeper Proxy Settings
H.323 Features
Fast Start Slow Start Translations
Fast Start to Slow Start Translation
Slow Start to Fast Start Translation
Slow Start Fast Start Prerequisites
Media Profile Configuration
Fast Start/Slow Start Configurations
H.235 Encryption
RFC 2833 DTMF Interworking
About RFC 2833
About H.245 UII
About 2833 to H.245 UII Interworking
Flow Control Mapping for Interworking Function (IWF) Video
About DTMF Transfer
Preferred and Transparent 2833
Preferred 2883 Support
Transparent 2833 Support
Basic RFC 2833 Negotiation Support
H.323 to H.323 Negotiation
Signal and Alpha Type Support
H.323 Endpoints
Translating H.245 UII to 2833 for H.323 Calls
RFC 2833 Mode Configuration
RFC 2833 Payload Configuration
RFC 2833 SA Configuration
H.323 Registration Proxy
H.235 Authentication Transparency
Unique CSA Per Registered Gateway
Virtual Call Signaling Address
Virtual RAS Address
RAS Message Proxy
About Setting Port Ranges
H.323 Registration Proxy Configuration
H.323 Registration Caching
Caveats for Registration Caching
Configuration Requirements
H.323 Registration Caching Configuration
Configuring the Gatekeeper Interface for Registration Caching
ACLI Registration Caching Configuration Example
H.245 Stage
Dynamic H.245 Stage Support
Dynamic H.245 Stage for Incoming Calls
Dynamic H.245 Stage for Outgoing Calls
H.245 Stage Configuration
H.323 HNT
Caveats
H.323 HNT Configuration
H.323 Party Number-E.164 Support
Signaling Only Operation
H.245
H.225
Maintenance Proxy Function
Maintenance Proxy Configuration
Applying TCP Keepalive to the H.323 Interface
Automatic Gatekeeper Discovery
Automatic Gatekeeper Configuration
H.323 Alternate Routing
Without Alternate Routing Enabled
With Alternate Routing Enabled
H.323 Alternate Routing Configuration
H.323 LRQ Alternate Routing
Caveats
H.323 LRQ RAS Retransmission Configuration
H.323 LRJ Limit Configuration
H.323 CAC Release Mechanism
H.323 CAC Release Configuration
H.323 Per-Realm CAC
Caveats
H.323 Per-Realm CAC Configuration
H.323 Bearer-Independent Setup
H.323 BIS Disabled
H.323 BIS Enabled
H.323 BIS Global Configuration
H.323 BIS Specific Configuration
TOS Marking for H.323 Signaling
H.323 Codec Fallback
Codec Fallback Disabled
Codec Fallback Enabled
H.323 Codec Fallback Configuration
H.323 TCS Media Sample Size Preservation
Media Sample Size Configuration
H.323-TCS H.245 Support for H.264 and G722.1
H.323-TCS Generic Video Configuration
H.323-TCS Generic Audio Configuration
International Peering with IWF and H.323 Calls
Default OLC Behavior Changed in Upgrade
Options
Global H.323 Options
H.323 Interface Options
H.323 Stack Monitoring
H.323 Stack Monitoring Configuration
H.323 Automatic Features
Alias Mapping
Call Hold and Transfer
Call Hold and Transfer Basic Call
Call Hold and Transfer Music on Hold
Call Hold and Transfer
Media Release for SS-FS Calls
Dependencies
Hold-and-Resume Procedure
H.323 and IWF Call Forwarding
Previous Behavior
New Behavior
H.323 Sample Call Flow
H.323 NOTIFY Support
Caveats
H.323 H.239 Support for Video+Content
Multiple Media Streams with the Same Payload
Support for Generic Capabilities
Support for H.239 Generic Messages
Support for Miscellaneous Indication
SIP-H.323 interworking with Dynamic Payload Types
Video Conferencing Support for Polycom Terminals
ACLI Signaling Mode Configuration Examples
Configuration Fields and Values for B2BGW Signaling
Back-to-Back Gatekeeper Proxy and Gateway
Interworking Gatekeeper-Gateway
Additional Information
About Payload Types
Payload Types for Standard Audio and Visual Encodings
About RAS Message Treatment
6
Application Gateway Services
DNS ALG
Overview
Configuring DNS ALG Service
Before You Configure
DNS ALG Service Name Configuration
Identity Realm and Interface Addresses
DNS Server Attributes
DNS Transaction Timeout
DNS Transaction Timeout Configuration
Dynamic ACL for the HTTP-ALG
Dynamic Access Control List (ACL) Settings for the HTTP Application Layer Gateway (ALG)
Enable Dynamic Access Control List (ACL) for the HTTP Application Layer Gateway (ALG)
7
IWF Services
IWF Services
Access Network Application
Networking Peering Application
SIP and H.323
SIP H.323 Negotiation H.323 Fast Start
SIP to Fast Start H.323
H.323 Fast Start to SIP
SIP H.323 Negotiation H.323 Slow Start
H.323 SIP to Slow Start
H.323 Slow Start to SIP
Status and Codec Mapping
IWF Termination from H.323
IWF Termination During H.323 RAS
IWF RAS Registration Failure Code Mapping
IWF Termination from SIP
Q.850 Cause to H.323 Release Complete Reason
Codec Mapping
IWF Service Enhancements
SIP Redirect—H.323 LRQ Management
Redirect—LRQ Management Sample 1
Redirect—LRQ Management Sample 2
Redirect—LRQ Management Sample 3
SIP INFO and DTMF UII Management
Mid-Session Media Change
Enhanced Support for FAX Calls
Removing the T.38 Codec from an H.245 TCS
Early Media
Display Name Mapping
IWF Ringback Support
Sample 1 In-band Ringback without Progress Message
Sample 2 In-band Ringback with Progress Message
Sample 3 In-band Ringback without Alerting Message
Sample 4 Out-of-band Ringback without Progress Message
Sample Flow 5 Out-of-band Ringback with Progress Message
H.323 Endpoint-Originated Call Hold and Transfer
Basic Call
Hold
Music On Hold
Transfer
Conference
IWF Call Forwarding
New Behavior
H.323 Sample Call Flow
Media Release for H.323 SS-FS Calls for IWF
H.323
Hold-and-Resume Procedure
Additional IWF Steps
Dependencies
Before You Configure
H.323 Configuration
SIP Configuration
The Role of Local Policy
Local Policy in an IWF Session Initiated with H.323
Local Policy in an IWF Session Initiated with SIP
H.323-SIP Source Call Address Passthrough
Configure IWF
Topology Hiding for IWF with an Internal Home-Realm
IWF Topology Hiding Configuration
DTMF Support
DTMF Configuration
Applying the Media Profile
DTMF for all IWF translations
DMTF Support on a Per-Session-Agent Basis
RFC 2833 DTMF Interworking
About RFC 2833
About H.245 UII
About RFC 2833 to H.245 UII Interworking
About DTMF Transfer
Preferred and Transparent 2833
Preferred 2883 Support
Transparent 2833 Support
Payload Type Handling
Basic RFC 2833 Negotiation Support
H.323 to H.323 Negotiation
Signal and Alpha Type Support
H.323 to SIP Calls
SIP Endpoints
H.323 Non-2833 Interworking with SIP
How H.323 to SIP Calls Work
SIP INFO—RFC 2833 Conversion
IPv6 SIP INFO to RFC 2833 Telephone Event Interworking
RFC 2833 Interworking Configuration
RFC 2833 Mode for H.323 Stacks
RFC 2833 Payload for H.323
Configuring the SIP Interface
Configuring Session Agents
Enabling Payload Type Handling
DTMF Transparency for IWF
DTMF Transparency Configuration
RFC 2833 Packet Sequencing
RFC 2833 Packet Sequencing Configuration
Enhanced H.245 to 2833 DTMF Interworking
Enhancements Configuration
Setting the Minimum Signal Duration
SIP Tel URI Support
SIP Interface Configuration
Graceful DTMF Conversion Call Processing
IWF Inband Tone Option
IWF Inband Tone Configuration
RFC 3326 Support
Default Mappings
RFC 3326 Support Configuration
IWF Privacy Caller Privacy on Unsecure Networks
About the Presentation Indicator
H.323 to SIP IWF Call
Example 1 SETUP Sent from h323d to Remote H.323 Endpoints
Example 2 INVITE from h323d to sipd
SIP to H.323
Example INVITE from SIP End Point to sipd
IWF Privacy Caller Privacy on Secure Connections
H.323 to SIP IWF
Calls with Presentation Allowed
H.323 to SIP
Sample SETUP sent from h323d to Remote H323 Endpoints
SIP to H.323
Example 1 INVITE from sip EP to sipd
Example INVITE from sipd to h323d
IWF Privacy Extensions for Asserted Identity in Untrusted Networks
IWF Call Originating in H.323
Sample H.323 Setup from a Remote Endpoint
Sample SIP INVITE from the SBC to a SIP Endpoint
Before You Configure
P-Preferred-Identity Configuration
IWF Privacy for Business Trunking
A Call Originating in H.323
Sample SETUP Message from an H.323 Endpoint
Sample INVITE from the
Oracle® Enterprise Session Border Controller
to the SIP Endpoint
A Call Originating in SIP
Sample INVITE from a SIP Endpoint to the
Oracle® Enterprise Session Border Controller
Sample SETUP from the
Oracle® Enterprise Session Border Controller
to the H.323 Endpoint
allowCPN Configuration
Trunk Group Documentation
IWF COLP COLR Support
SIP to H.323 Calls
H.323 to SIP Calls
IWF COLP COLR Configuration
Options for Calls that Require the IWF
Global Configuration for H.323
Individual Configuration for H.323
Configuring H.323 SA Options
H.323 SA Options
Suppress SIP Reliable Response Support for IWF
suppress100rel Configuration
IWF Codec Negotiation H.323 Slow Start to SIP
IWF Codec Negotiation Configuration
IWF H.245 Signaling Support for G.726
H.245 and G.726 Configuration
Media Profile for H.245 and G.726 Configuration
Media Profile Configuration for Generic Audio Support
Flow Control Mapping for Interworking Function (IWF) Video
Customized G.729 Support
About Dynamic Payload Mapping
Customized G.729 Configuration
SIP-H.323 IWF Support for H.264 and H.263+
H.264 in H.323 (H.241)
Capabilities
H.264 Media Packetization
H.264 in SIP
H.264 Packetization Mode
H.264 IWF Conversions
IWF Unsupported Parameters
H.263+ in H.323
H.263+ in SIP
H.263+ IWF Conversions
IWF Unsupported Parameters
SIP-H.323 IWF in Video Conferencing Applications
International Peering with IWF and H.323 Calls
International Peering Configuration
IWF Codec Renegotiation for Audio Sessions
Codec Request Change from the SIP Side
Codec Request Change from the H.323 Side
Exceptional Cases
IWF Codec Renogotiation Configuration
8
Session Routing and Load Balancing
Session Routing and Load Balancing
Routing Overview
Session Agents Session Groups and Local Policy
About Session Agents
SIP Session Agents
Session Agent Status Based on SIP Response
SIP Session Agent Continuous Ping
SIP SA Continuous Ping Configuration
H.323 Session Agents
Overlapping H.323 Session Agent IP Address and Port
Managing Session Agent Traffic
Session Agent Groups
Request URI Construction as Forwarded to SAG-member Session Agent
SIP Session Agent Group Recursion
About Local Policy
Routing Calls by Matching Digits
SIP and H.323 Interworking
Route Preference
DTMF-Style URI Routing
Add a Local Response Map
SIP Routing
Limiting Route Selection Options for SIP
About Loose Routing
About the Ingress Realm
About the Egress Realm
Ping Message Egress Realm Precedence
Normal Request Egress Realm Precedence
Session Agent Egress Realm Configuration
About SIP Redirect
Proxy Redirect
Tunnel Redirect
SIP Method Matching and To Header Use for Local Policies
SIP Methods for Local Policies
Routing Using the TO Header
H.323 Routing
Egress Stack Selection
Static Stack Selection
Policy-Based Stack Selection
Registration Caching
Gatekeeper Provided Routes
Back-to-Back Gateway
Back-to-Back Gatekeeper and Gateway
Interworking Gatekeeper Gateway
Load Balancing
Configuring Routing
Configuration Prerequisite
Configuration Order
Routing Configuration
Configuring Session Agents
Session Agent Group Configuration
SAG Matching for LRT and ENUM
Configuring Local Policy
Local Policy Matching for Parent Realms
SIP Session Agent DNS-SRV Load Balancing
Session Agent DNS-SRV Load Balancing Configuration
Answer to Seizure Ratio-Based Routing
ASR Constraints Configuration
Active Directory-based Call Routing
LDAP in the
Oracle® Enterprise Session Border Controller
LDAP Messages
LDAP Failure Events
Oracle® Enterprise Session Border Controller
Limitations using LDAP
Configuring LDAP
Configuring ldap-config
Configure ldap-transactions
Configuring ldap-cfg-attributes
Configuring policy-attributes
LDAP Error Messages
LDAP Show Commands
ENUM Lookup
How ENUM Works
Translating the Telephone Number
About NAPTR Records
About the
Oracle® Enterprise Session Border Controller
ENUM Functionality
Configurable Lookup Length
UDP Datagram Support for DNS NAPTR Responses
Custom ENUM Service Type Support
ENUM Failover and Query Distribution
ENUM Query Distribution
Failover to New enum-config
ENUM Server Operation States
Server Availability Monitoring
ENUM Server IP Address and Port
Caching ENUM Responses
Source URI Information in ENUM Requests
Operation Modes
Stateless Proxy Mode
Transaction Stateful Proxy
Session Stateful Proxy
B2BUA
Example ENUM Stateless Proxy
ENUM Configuration
Example
Configuring the Local Policy Attribute
Local Policy Example
CNAM Subtype Support for ENUM Queries
CNAM Unavailable Response
SIP Profile Inheritance
CNAM Subtype Support Configuration
Direct Inward Dial (DID)-Range-Based Local Routing Table (LRT)
Create a DID-Range-Based LRT File
Configuring a DID-Range-Based LRT
Specifying the LRT Location
Enabling LRT Usage
Managing LRT using the Show LRT Command
LRT Entry Matching
LRT Entry Matching Configuration
LRT String Lookup
LRT String Lookup Configuration
Directed Egress Realm from LRT ENUM
Directed Egress Realm Configuration
SIP Embedded Route Header
SIP Embedded Route Header Configuration
LRT Lookup Key Creation
Arbitrary LRT Lookup Key
Hidden Headers for HMR and LRT lookup
Compound Key LRT Lookup
Retargeting LRT ENUM-based Requests
Re-targeting LRT ENUM-based Requests Configuration
Recursive ENUM Queries
Recursive ENUM Queries Configuration
Multistage Local Policy Routing
Routing Stages
Multi-stage Routing Source Realm
Network Applications
Multistage Routing Conceptual Example
Multistage Routing Example 2
Customizing Lookup Keys
Multistage Routing Lookup Termination
Global Local Policy Termination
Multistage Local Policy Routing Configuration
Maintenance and Troubleshooting
Traps
Routing-based RN and CIC
Routing-based RN Configuration
Codec Policies for SIP
Relationship to Media Profiles
Manipulation Modes
In-Realm Codec Manipulation
Codec Policy Configuration
Creating a Codec Policy
Applying a Codec Policy to a Realm
Applying a Codec Policy to a Session Agent
In-Realm Codec Manipulations
QoS Based Routing
Management
QoS Contraints Configuration
Configuring QoS Constraints
Applying QoS Constraint to a Realm
Using the Local Route Table (LRT) for Routing
Local Route Table (LRT) Performance
Local Routing Configuration
Configure Local Routing
Applying the Local Routing Configuration
Local Route Table Support for H.323 and IWF
IWF Considerations
ENUM LRT Responses
Telephony Fraud Protection
Telephony Fraud Protection Target Matching Rules
Telephony Fraud Protection File Activation
Telephony Fraud Protection Data Types and Formats
Configure Telephony Fraud Protection
Refresh the Telephony Fraud Protection File
Telephony Fraud Protection ACLI Show Commands
Telephony Fraud Protection verify-config
9
Number Translation
About Number Translation
Number Translation Implementation
Number Translation in SIP URIs
Session Translation in H.323 Messages
Number Translation Configuration Overview
Translation Rules
Translation Rules for Deleting Strings
Translation Rules for Adding Strings
Translation Rules for Replacing Strings
Session Translation
Applying Session Translations
Session Agent
Realm
Number Translation Configuration
Translation Rules
Session Translation
Number Translation Application
Other Translations
SIP NAT Translations
FQDN Mapping
10
Admission Control and QoS
Admission Control
About Call Admission Control
Bandwidth-Based Admission Control
Multi-Level Bandwidth Policy Nesting
Session Capacity- and Rate-based Admission Control
Constraints for Proxy Mode
CAC Policing and Marking for non-Audio non-Video Media
Bandwidth CAC Fallback Based on ICMP Failure
Bandwidth CAC Fallback Based on ICMP Failure Configuration
Bandwidth CAC for Aggregate Emergency Sessions
Bandwidth CAC for Aggregate Emergency Sessions Configuration
Admission Control for Session Agents
Session Agents Admission Control Configuration
Realm Bandwidth Configuration
SIP Admission Control Configuration
H.323 Admission Control Configuration
Aggregate Session Constraints for SIP
Aggregate Session Constraints Configuration
Applying Session Constraints in a SIP Interfaces
Configuring CAC Policing and Marking for non-Audio non-Video Media
Support for the AS Bandwidth Modifier
Media Profile Configuration
AS Modifier and Headroom Configuration
Offerless Bandwidth CAC for SIP
Offerless Bandwidth CAC for SIP Configuration
Shared CAC for SIP Forked Calls
Bandwidth Sharing Scenarios
Bandwidth Sharing Configuration
Configuring a SIP Profile
Applying a SIP Profile
RADIUS Accounting Support
Monitoring
Conditional Bandwidth CAC for Media Release
About Conditional Bandwidth CAC for Media Release
Details and Conditions
INVITEs UPDATEs Initially Received By
Oracle® Enterprise Session Border Controller
INVITEs UPDATEs Received by Second SBC
Conditional Admission with Per-user CAC
Conditional Bandwidth CAC Configuration
SIP Profile Configuration
Applying a SIP Profile
Configuring Require Header Option Tag
About QoS Reporting
Overview
QoS Statistics
Incremental QoS Updates
RADIUS Support
Configuring QoS
QoS Configuration
Accounting Configuration for QoS
QoS Accounting Configuration
Account Configuration
Account Server
White Lists for Managing Incoming SIP Headers and Parameters
White List Learning
White List Learning Configuration
Specify White List Rule Sets
Start White List Learning
Stop White List Learning
Configure White Lists for SIP Header and URI Parameter Management
The matched.log File
Rejected Messages Monitoring
Configuration Exception
Verify White List Configuration
11
Static Flows
Static Flows
About Static Flows
IPv6 / IPv4 Translations
About Network Address Translation ALG
NAPT
TFTP
Configuring Static Flows
Basic Static Flow Configuration Overview
Static Flow Configuration
Example Configuration: Bidirectional Static Flows
12
High Availability Nodes
High Availability Nodes
Establishing Active and Standby Roles
Health Score
State Transitions
State Transition Sequences
HA Features
Multiple Rear Interfaces
Configuration Checkpointing
Gateway Link Failure Detection and Polling
Before Configuring a High Availability (HA) Pair
HA Node Connections
Virtual MAC Addresses
Virtual MAC Address Configuration
Virtual MAC Addresses for VNFs
HA Node Connections
HA Node Connection Configuration
Rear Interfaces
Media Interface Virtual MAC Addresses
HA Node Parameters
HA Node Parameter Configuration
HA Node Peer Configuration
HA Node Health And State Configuration
High Availability on the Acme Packet 1100
Configure the Acme Packet 1100 for HA
Configure the Acme Packet 1100 Management Interface for HA
Configure the Acme Packet 1100 Network Interface for HA
Configure the Acme Packet 1100 for system redundancy
Synchronizing Configurations
Synchronize HA Peers
Using Configuration Checkpointing
HA Configuration Checkpointing
Manually Checking Configuration Synchronization
Media Interface Link Detection and Gateway Polling
Media Interface Link Detection and Gateway Polling Configuration
Media Interface Link Detection and Gateway Polling Configuration 2
Signaling Checkpointing
SIP Signaling Checkpointing
Signaling Checkpointing Configuration
Media State Checkpointing
Media State Checkpointing Configuration
HA Media Interface Keepalive
Impact to Boot-Up Behavior
HA Media Interface Keepalive Configuration
RTC Notes
HA
Protocol-Specific Parameters and RTC
Switchovers
Automatic Switchovers
Manual Switchovers
13
Security
Security
Security Overview
Denial of Service Protection
Levels of DoS Protection
About the Process
Trusted Path
Address Resolution Protocol Flow
Untrusted Path
IP Fragment Packet Flow
Fragment Packet Loss Prevention
Static and Dynamic ACL Entry Limits
Dynamic Deny for HNT
Host and Media Path Protection Process
E-SBC
Access Control
Access Control for Hosts
Media Access Control
Host Path Traffic Management
Traffic Promotion
Malicious Source Blocking
Blocking Actions
Protecting Against Session Agent Overloads
ARP Flood Protection Enhancements
Dynamic Demotion for NAT Devices
DDoS Protection from Devices Behind a NAT
Configuring DoS Security
Configuration Overview
Changing the Default
Oracle® Enterprise Session Border Controller
Behavior
Example 1 Limiting Access to a Specific Address Prefix Range
Example 2 Classifying the Packets as Trusted
Example 3 Installing Only Static ACLs
Access Control List Configuration
Host Access Policing
Configuring ARP Flood Protection
Access Control for a Realm
Configuring Overload Protection for Session Agents
Media Policing
Policing Methods
Session Media Flow Policing
Static Flow Policing
Configuration Notes
Session Media Flow Policing
Static Flow Policing
Media Policing Configuration for RTP Flows
Media Policing Configuration for RTCP Flows
Media Policing Configuration for Static Flows
RTP Payload Type Mapping
ITU-T to IANA Codec Mapping
SDP Anonymization
SDP Anonymization Configuration
Unique SDP Session ID
Unique SDP Session ID Configuration
TCP Synchronize Attack Prevention
About SYN
Server Vulnerability
Configuring TCP SYN Attack Prevention
Host Certificate Retrieval via SNMP
Host Certificate Retrieval Configuration
Transport Layer Security
The
E-SBC
and TLS
Supported Encryption
Suite B and Cipher List Support
TLS Ciphers
Minimum Advertised SSL/TLS Version
Minimum Advertised SSL/TLS Version Configuration
Signaling Support
Endpoint Authentication
Keeping Pinholes Open at the Endpoint
Key Usage Control
Key Usage List
Extended Key Usage List
4096-bit RSA Key Support
Reusing a TLS Connection
TLS Configuration Process
Certificate Configuration Process
Configure the Certificate Record
Generating a Certificate Request
Import a Certificate Using the ACLI
Import a Certificate Using SFTP
Viewing Certificates
Brief Version
Detailed Version
Configure a TLS Profile
Applying a TLS Profile
Denial of Service for TLS
DoS for TLS Configuration
DoS protection for TLS Connections on the SIP Interface Configuration
Configuring the SIP Configuration
Configuring the Realm
Securing Communications Between the
E-SBC
and SDM with TLS
TLS Session Caching
TLS Session Caching Configuration
TLS Endpoint Certificate Data Caching
Inserting Customized SIP Headers in an Outgoing INVITE
Validating the Request-URI Based on Certificate Information
TLS Endpoint Certificate Data Caching Configuration
Untrusted Connection Timeout for TCP and TLS
Caveats
Untrusted Connection Timeout Configuration for TCP and TLS
Securing Communications Between the
E-SBC
and SDM with TLS
Online Certificate Status Protocol
Caveats
Online Certificate Status Protocol Configuration
Unreachable OCSR
Unreachable OCSR Configuration
OCSR Status Monitoring
OCSR Access via FQDN
OCSR Access Configuration via IP Address
OCSR Access Configuration via FQDN
Direct and Delegated Trust Models
Direct Trust Model Configuration
Delegated Trust Model Configuration
Secure Real-Time Protocol (SRTP) for Software
Protocol Overview
Operational Modes
Single-Ended SRTP Termination
Back-to-Back SRTP Termination
SRTP Pass-Thru
ACLI Instructions
SDES Profile Configuration
Media Security Policy Configuration
Assign the Media Security Policy to a Realm
ACLI Example Configurations
Single-Ended SRTP Termination Configuration
Back-to-Back SRTP Termination Configuration
SRTP Pass-Thru Configuration
Security Policy
SRTP Re-keying
SRTP Re-keying Configuration
Modified ALCI Configuration Elements
ARIA Cipher Support
Call Flow
ARIA Support Configuration
Secure and Non-Secure Flows in the Same Realm
Mode Settings in the Media Security Policy
For Incoming Flows
For Outgoing Flows
Using Security Associations for RTP and RTCP
ACLI Instructions and Examples
Egress Offer Format for SDES Profile Configuration
Supporting UAs with Different SRTP Capabilities
Receiving Offer SDP
Receiving Answer SDP
ACLI Instructions and Examples
Refining Interoperability
Refining Interoperability Configuration
Multi-system Selective SRTP Pass-through
Constraints
Operational Overview
Call Flows
Call Setup
Music on Hold
Call Transfer
Early Media
Multi-system Selective SRTP Pass-through with Media Release
Multi-system Selective SRTP Pass-through Configuration
Statistics
IDS Reporting
Basic Endpoint Demotion Behavior
Endpoint Demotion Reporting
SNMP Reporting
HDR Reporting
Endpoint Demotion SNMP Traps
Trusted to Untrusted Reporting
SNMP Reporting
Endpoint Demotion Trusted-to-Untrusted SNMP Trap
Endpoint Demotion Syslog Message
Event Log Notification Demotion from Trusted to Untrusted
Endpoint Demotion Configuration
Endpoint Demotion due to CAC overage
CAC Attributes used for Endpoint Demotion
Authentication Failures used for Endpoint Demotion
Endpoint Demotion Configuration on CAC Failures
IDS Phase 2 (Advanced Reporting)
Rejected SIP Calls
Rejected Calls Counter
Syslog Reporting of Rejected Calls
TCA Reporting of Denied Entries
Syslog Reporting of Denied Entries
CPU Load Limiting
Denied Endpoints
Maintenance and Troubleshooting
show sipd acls
14
Transcoding
Introduction
Transcoding Processing Overview
Answer Processing and Examples
Unoffered Codec Reordering
Non-transcoded Call
Transcoded Call
Voice Transcoding
Voice Scenario 1
Voice Scenario 2
Voice Scenario 3
RFC 2833 Transcoding
RFC 2833 Scenario 1
RFC 2833 Scenario 2
FAX Transcoding
Defining G711FB
FAX Scenario 1
FAX Scenario 2
FAX Scenario 3
Transrating
Transrating Scenario 1
Transcoding Hardware
Transcoding Capacity
Transcodable Codecs
Transcodable Codec Details
T.38 FAX Support
Software-based transcoding
Software-based transcoding alarms and traps
Opus Codec Transcoding Support
SILK Codec Transcoding Support
Comfort Noise Transcoding
System Behavior Without Comfort Noise Transcoding
System Behavior With Comfort Noise Transcoding
Transcoding Configuration
Terms Used in Codec Policies
Ingress Policy
Egress Policy
Post Processing
allow-codecs
order-codecs
Add on Egress
Packetization Time
Codec Policy Configuration
ACLI Configuration Instructions
Naming Codec Policies
Removing Allowing and Adding Codecs
Ordering Codecs
Transrating Configuration
Applying a Codec Policy to a Realm
Secure DTMF Cancellation
Enable Secure DTMF Cancellation
Default Media Profiles
Preferred Default Payload Type
Redefining Codec Packetization Time
mptime Support for Packet Cable
AMR-NB and AMR-WB Specifications
AMR AMR-WB Payload Type Mapping
AMR AMR-WB octet-align Parameter
AMR AMR-WB mode-set Parameter
Other AMR AMR-WB Parameters
Examples and Explanations
ACLI Configuration
Media Profile Configuration
ACLI Configuration Instructions and Examples
Creating User-Defined Ptime per Codec
Media Type Subnames
SDP Parameter Matching
Using Subnames with Codec Policies
Subname Syntax and Wildcarding
Wildcarding add-codecs-on-egress
Media Type and Subname Configuration
Codec Policy Configuration with a Media Type with a Subname
Codec and Conditional Codec Policies for SIP
Relationship to Media Profiles
Manipulation Modes
In-Realm Codec Manipulation
Conditional Codec Policies
Conditional Codec Lists
Conditional Codec Operators
ACLI Instructions and Examples
Creating a Codec Policy
Applying a Codec Policy to a Realm
Applying a Codec Policy to a Session Agent
In-Realm Codec Manipulations
Pooled Transcoding
Supported Codecs for Pooled Transcoding
Hardware and Software Requirements
Implementation Details
Scenario 1 INVITE with SDP
Scenario 2 INVITE without SDP
Re-INVITES and Updates with SDP
RFC 2833 Considerations
Configuration Requirements and Verification
A-SBC Configuration Requirements
T-SBC Requirements
Configuration Verification
Configure Pooled Transcoding
Monitor Dialogs Between the A-SBC and the T-SBC
Per-Method Statistics
Notes on the DIAMETER Rx Interface
Accounting and Transcoding
Asymmetric Dynamic Payload Types Enablement
Configure Transcoding for Asymmetric Dynamic Payload Types
Maintenance and Troubleshooting
show mbcd errors
show xcode api-stats
show xcode dbginfo
Viewing Active Audio and Video Call Statistics
Session Based Statistics
Flow Based Statistics
Transcoded audio stream example
Multiple audio stream example
Single audio stream example
show sipd codecs
show xcode xlist
show xcode session-byipp
show xcode session-byattr
show xcode session-byid
show xcode session-all
show xcode load
Logs
Alarms
show xcode load for software xcode
show xcode session-all
show xcode session-byid
show xcode session-byipp
Daylong Transcoding Session Cleanup
Transcoding Capacity Traps
SRTP and Transcoding
Generating RTCP
RTCP Generation Platform Support
Configuring RTCP Generation
Obtaining System Information about RTCP Generation
Forced RTCP Receiver Report Generation
Generate an RTCP Receiver Report
SNMP
Acme Packet Codec and Transcoding MIB (ap-codec.mib)
Acme Packet System Management MIB (ap-smgmt.mib)
Acme Packet 6300 NIU Hotswap Guidelines
Network Interface Unit Removal/Replacement -- Standalone Node
NIU Removal/Replacement -- High Availability Deployment
15
DTMF Transfer and Support
DTMF Interworking
DTMF Indication
RFC 2833 telephone-event
SIP INFO Messages
DTMF Transfer Processing Overview
Capability Negotiation
SDP Manipulated by Codec Policy
telephone-event Modification by Codec Policy
SDP Manipulated by RFC 2833 Mode
Transparent RFC 2833 Support
Preferred RFC 2883 Support
RFC 2833 Payload Type Mapping
Translation Evaluation
RFC 2833 Sent by Offerer
RFC 2833 to RFC 2833
RFC 2833 to DTMF Audio Tones
RFC 2833 to SIP INFO
DTMF Audio Tones Sent by Offerer
DTMF Audio to DTMF Audio
DTMF Audio to RFC 2833
DTMF Audio to SIP
SIP INFO Sent By Offerer
SIP INFO to RFC 2833
SIP INFO to DTMF Audio
SIP INFO to SIP INFO
Dual Mode
P-Dual-Info Header
Example 1
Example 2
Identical Inband with Signaling DTMF Transfer Exception
Override Preferred RFC 2833
Override Preferred DTMF Audio
DTMF Transfer for Spiral Calls
P-Dual-Info Header
DTMF Transfer Hardware Processing
DTMF Transfer Configuration
RFC 2833 Session Agent Configuration
ACLI Configuration and Instructions
SIP Interface
Session Agent
Codec Policy
Translate Non2833 Event Behavior
P-dual-info Header Appearance
RFC 2833 Customization
RTP Timestamp
RFC 2833 telephone-event duration intervals
RFC 2833 End Packets
ACLI Instructions and Examples
16
Personal Profile Manager
Introduction
The ESBC as an ALG for HTTP and HTTPS
Configuring the PPM Proxy on the
E-SBC
Configure Private Settings
Configure Public Settings
PPM XML Mapping to ACLI Parameters
Example PPM Proxy Configuration
17
Remote Site Survivability
Remote Site Survivability
How it Works
Normal Behavior Call Process
Remote Survivable Call Process Behavior
Entering Survivable Mode
Exiting Survivable Mode
Remote Site Survivability with a BroadSoft Server
Remote Site Survivability Configuration
Configure Remote Site Survivability
Configure the Ping Method for a Session Agent
Show Survivability Command
Show Command for Survivability Status
Show Commands for Survivability
Show Commands for Request Methods
Show Commands for Session Agents Interfaces and Realms
Historical Data Recording (HDR) for Survivability
Group survivability-sip-status
Group Statistics
Active Subscriptions
CallID Maps
Client Trans
DNS Results
DNS Sockets
DNS Trans
Dialogs
Load Rate
Media Pending
Media Sessions
ReINVITEs
Rejections
Req Drops
Resp Contexts
Saved Contexts
Server Trans
Sessions
Session Rate
Sockets
Subscriptions
Subscriptions High
SubscriptionsPerMax
Group survivability-sip-invites
Group Statistics
INVITE Requests
Locally Throttled
Response Codes
Response Retrans
Retransmissions
Transaction Timeouts
Group survivability-sip-register
Group Statistics
Locally Throttled
REGISTRATION Requests
Response Retrans
Retransmissions
Transaction Timeouts
Group survivability-sip-errors
Group Statistics
Application Errors
CAC BW Drop
CAC Session Drop
Drop Media Errors
Early Media Exps
Expired Sessions
Exp Media Drops
Invalid Messages
Invalid Requests
Invalid Responses
Media Exp Events
Media Failure Drops
Multiple OK Drops
Multiple OK Terms
Non-ACK 2xx Drops
SDP Answer Errors
SDP Offer Errors
SNMP Trap for Survivability
Survivability Alarms and Logging
Transaction Errors
18
Web Server TLS Configuration
Introduction
Configuring TLS on the Web Server
Process Overview
Certificate Configuration Process
Configure a Certificate Record
Generate a Certificate Request
Import a Certificate Using the ACLI
Import a Certificate Using SFTP
PKCS #12 Container Import and Export Capability
Export to a PKCS #12 File
Import a PKCS #12 File
Securing Communications Between the
E-SBC
and SDM with TLS
Configuring a TLS Profile
Management Commands for the Web Server
Show ip connections Command
Show users Command
Kill <index> Command
19
Session Plug-In Language
Oracle SPL Plug-ins
SNMPv1v2 Community Configuration
Supported SPL Engines
Load and Enable an SPL Plug-in
Upload an SPL Plug-in
Add an SPL Plug-in to the Configuration
Synchronize SPL Plug-in Files Across an HA Pair
SBC Deployment Behind a NAT Device
Configure the Session Border Controller (SBC) Behind a Network Address Translation (NAT) Device Option
Import and Export the
E-SBC
Configuration
Import and Export Restrictions
Configuration CSV Files
Create a CSV File
Enter Configuration Data Using a Text File
Import a CSV Configuration File
Export an
E-SBC
Configuration to a CSV File
Lync Emergency Call SPL Plug-in
Set Lync Emergency Call Options on Realms, Session Agents, and SIP Interfaces
Example Playback-on-Refer Configuration
Inserting SIP Headers into SIPREC Metadata
Sample Metadata
Configure SIP Headers for SIPREC Metadata
Example Configuration
Example Configuration
Universal Call Identifier SPL
UCID-App-ID
GUCID-Node-ID
GUID-Node-ID
convert-to
Example SPL Options
Sample Metadata
Configuring Universal Call Identifier Options
Example Configuration
Comfort Noise Generation SPL
Configure the Comfort Noise Generation SPL
Example Configuration
High Availability (HA) Support
Licensing Information
Maintenance and Troubleshooting Commands for SPLs
show SPL
SPL Signature State
show running-config spl-config
show directory code spl
show spl-options
SPL File Deletion
SPL Log Types
Emergency Location Identification Number (ELIN) Gateway Support
How the Emergency Location Identification Number (ELIN) SPL Works
Configure the ELIN Gateway Option
Avaya Session Manager (SM) Redundancy
How Avaya Session Manager (SM) Redundancy Works
Session Manager Mapping
Map a Session Manager to a Session Border Controller
Configure Avaya Session Manager (SM) Redundancy
Avaya Client Failover
TCP/FIN Generation Configuration
Avaya Attended-Transfer-Enable SPL
Configure the Attended-Transfer-Enable SPL
20
Local Media Playback
Supported Local Media Playback Capabilities
Pre-Requisites
Media Setup & Playback
Media Spirals
Media Files
Supported Playback Scenarios
Playback on 183 Session Progress
REFER
Playback Header
ACLI Configuration and Examples
Set up the Playback Configuration
Set Playback Options on Realms, Session Agents, and SIP Interfaces
Playback Configuration Example
RTC Support
Considerations for HA Nodes
Alarms
Monitoring
21
How to use the ACLI
The ACLI
Using the ACLI
Privilege Levels
Enabling Superuser Mode
Debug Mode
System Access
Local Console Access
Remote SSH Access
ACLI Help and Display
Exiting the ACLI
Navigation Tips
Hotkeys
Command Abbreviation and Completion
Command Abbreviation
Tab Completion
Configuration Element and System Command Menus
Context-Sensitive Help
Context-Sensitive Help for System Commands
Viewing Output With the More Prompt
Disabling the More Prompt
Configuring Using the ACLI
Line-by-Line Commands
Working with Configuration Elements
Creating configurations
Saving configurations with the done command
Viewing configurations with the show command
Navigating the configuration tree with the exit command
Choosing configurations with the select command
Deleting configurations with the no command
Deleting an existing configuration element example
ACLI Configuration Summaries
Viewing Summaries
Data Entry
ACLI Field Formats
Boolean Format
Carrier Format
Date Format
Date and Time Format
Day of Week Format
Enumerated Format
Hostname (or FQDN) Format
IP Address Format
Name Format
Number Format
Text Format
Time of Day Format
Preset Values
Default Values
Error Messages
Special Entry Types Quotation Marks and Parentheses
Multiple Values for the Same Field
Multi-Word Text Values
An Additional Note on Using Parentheses
Option Configuration
Append Example
Delete Example
22
Appendix RTC Support
RTC Support
23
Maintenance and Troubleshooting
Software Watchdog and Monitoring Timer
Software Watchdog Timing
Software Watchdog Response Actions
Show the Thread Health Status
Configure the Software Watchdog
Advanced Logging
Configure Advanced Logging - Command Line
Configuring Advanced Logging
Disable Advanced Logging - Command Line
Disable Advanced Logging - Configure Mode
Clear Advanced Logging Criteria - Command Line
View Advanced Logging Status - Command Line
TCP Connection Tools
Show Commands Related to VNF Deployments
show datapath-config
show platform limits
SNMP MIBs and Traps Related to VNF Deployments
apUsbcSysDPDKObjects
apUsbcSysScalingObjects
Log Files for the VNF
A
SIP Compatibility Options
Ensuring Telephone Event Negotiation within Delayed Media and Conflicting Configurations
Accommodating m=line Omissions During Call Setup
Ensuring Compliant SDP Management for P-Early Media Call Flows