5 Caveats, Limitations, and Known Issues

Oracle recommends that you review the following information about Caveats, Limitations, and Known Issues before using the E-CZ8.1.0 release. The Caveats and Limitations topics explain certain behaviors and limitations that you can expect. They do not provide workarounds. The Known Issues topic describes issues that Oracle is aware of and may address in a future release. Known Issues contain workarounds, when available.

Older Caveats Fixed in This Release

The following caveats have been fixed in ECZ8.1.0:
  • QoS reporting is now supported for transcoded calls

Caveats and Limitations

The following information lists and describes the caveats and limitations for this release. Oracle updates this Release Notes document to distribute issue status changes. Check the latest revisions of this document to stay informed about these issues.

Provisioning Transcode Codec Session Capacities

When you use setup entitlements to set the capacity for a transcode codec, the system may or may not require a reboot.

  • When a transcode codec is licensed with a license key, a capacity change requires a reboot to take effect.
  • When a transcode codec is not licensed with a license key, a capacity change takes effect without a reboot.

Virtual Network Function (VNF) Caveats

The following functional caveats apply to VNF deployments of this release:

  • The OVM server 3.4.2 does not support the virtual back-end required for para-virtualized (PV) networking. VIF emulated interfaces are supported but have lower performance. Consider using SR-IOV or PCI-passthru as an alternative if higher performance is required.
  • Default levels for scalability and are set to ensure appropriate throttling based on platform capacity factors such as hypervisor type, number and role of CPU cores, available host memory and I/O bandwidth. In some scenarios, the defaults may not be appropriate and throttling may occur at lower or higher call rates than expected. Please contact Oracle Technical Support for details on how to override the default throttles, if required.
  • To support HA failover, MAC anti-spoofing must be disabled for media interfaces on the host hypervisor/vSwitch/SR-IOV_PF.
  • When operating as a VNF deployed in an HA configuration, the OCSBC does not support IPSec.
  • Virtual LAN (VLAN) tagging is not supported when deploying the OCESBC over the Hyper-V platform.

Transcoding - general

Only SIP signaling is supported with transcoding.

Codec policies can be used only with realms associated with SIP signaling.

Local Media Playback feature is incompatible with any transcoding functionality.

T.38 Fax Transcoding

T.38 Fax transcoding is available for G711 only at 10ms, 20ms, 30ms ptimes.

Pooled Transcoding for Fax is unsupported.

Pooled Transcoding

The following media-related features are not supported in pooled transcoding scenarios:
  • Lawful intercept

  • 2833 IWF

  • Fax scenarios

  • RTCP generation for transcoded calls

  • OPUS/SILK codecs

  • SRTP and Transcoding on the same call

  • Asymmetric DPT in SRVCC call flows

  • Media hairpinning

  • QoS reporting for transcoded calls

  • Multiple SDP answers to a single offer

  • PRACK Interworking

  • Asymmetric Preconditions

DTMF Interworking

RFC 2833 interworking with H.323 is unsupported.

SIP-KPML to RFC2833 conversion is not supported for transcoded calls.

H.323 Signaling Support

If you run H.323 and SIP traffic in system, configure each protocol (SIP, H.323) in a separate realm.

Media Hairpinning

Media hairpining is not supported for hair-pin and spiral call flows involving both H.323 and SIP protocols.

Fragmented Ping Support

The Oracle® Enterprise Session Border Controller does not respond to inbound fragmented ping packets.

Physical Interface RTC Support

After changing any Physical Interface configuration, you must reboot the system reboot.

SRTP Caveats

The ARIA cipher is not supported by virtual machine deployments.

Packet Trace

  • VNF deployments do not support the packet-trace remote command.
  • The Acme Packet 3900 does not support the packet-trace remote command.
  • The Acme Packet 1100 does not support the packet-trace remote command.
  • Output from the packet-trace local command on hardware platforms running this software version may display invalid MAC addresses for signaling packets.

Trace Tools

You may only use one of these trace tools at a time:
  • packet-trace command
  • The communications-monitor as an embedded probe with the Enterprise Operations Monitor
  • SIP Monitor and Trace

RTCP Generation

Video flows are not supported in realms where RTCP generation is enabled.


SCTP Multihoming does not support dynamic and static ACLs configured in a realm.

SCTP must be configured to use different ports than configured TCP ports for a given interface.

Real Time Configuration Issues

In this version of the E-SBC, the realm-config element's access-control-trust-level parameter is not real-time configurable.

Workaround: Make changes to this parameter within a maintenance window.

Virtual Network Function (VNF) Limitations

Oracle® Enterprise Session Border Controller (E-SBC) functions not available in VNF deployments of this release include:

  • Native transcoding for codecs other than G.711, G.729 and AMR.

    Workaround: For all other codecs, configure your environment and system for pooled transcoding.

  • FAX Detection
  • RTCP generation for G.711 or G.729
  • RTCP detection
  • TSCF functionality
  • Remote Packet Trace
  • ARIA Cipher
  • IPSec functionality not available in VNF deployments of this release:
    • IKEv1
    • Authentication header (AH)
    • The AES-XCBC authentication algorithm
    • Dynamic reconfiguration of security-associations
    • Hitless HA failover of IPSec connections.

High Availability

High Availability (HA) redundancy is unsuccessful when you create the first SIP interface, or the first time you configure the Session Recording Server on theOracle® Enterprise Session Border Controller (E-SBC). Oracle recommends that you perform the following work around during a maintenance window.
  1. Create the SIP interface or Session Recording Server on the primary E-SBC, and save and activate the configuration.
  2. Reboot both the Primary and the Secondary.

Acme Packet 3900 IPSec Limitations

The following IPSec functions are not available for the Acme Packet 3900 in this release.

  • IKEv1
  • Authentication header (AH)
  • The AES-XCBC authentication algorithm
  • Dynamic reconfiguration of security-associations
  • Hitless HA failover of IPSec connections.

Dead Peer Detection

When running on the Acme Packet 6100, the E-SBC's dead peer detection does not work with IPv4.

Offer-Less-Invite Call Flow

Call flows that have "Offer-less-invite using PRACK interworking, Transcoding, and dynamic payload" are not supported in this release.

Fragmented SIP Message Limitations

Fragmented SIP messages are intercepted but not forwarded to the X2 server if IKEv1/IPsec tunnels are configured as transport mode.

Workaround: Configure IKEv1/IPsec tunnels as "tunnel mode".

IPv6 On X1 Interface

IPv6 does not work on X1 interface.

Known Issues

The following list of Known Issues provides the Bug DB number, a description of the issue, and when possible, the workaround, the found-in release, and the fixed-in release.

ID Description Found-in Fixed-in

GW unreachable and NetBufCtrl MBUFF errors - This can result in system instability including crash, gw-unreachable and redundancy issues. System will switchover if in HA. Show Buffers output will normally show an increase of errors reported in the NetBufCtrl field due to mbuf’s not being freed.

E-Cz8.1.0 E-Cz8.1.0m1p18


The system does not support SIP-H323 hairpin calls with DTMF tone indication interworking. SCZ7.2.0 CZ8.1.0
None The E-SBC stops responding when you configure an H323 stack supporting SIP-H323-SIP calls with its max-calls parameter set to a value that is less than its q931-max-calls parameter.

Workaround: For applicable environments, configure the H323 stack max-calls parameter to a value that is greater than its q931-max-calls parameter.

SCZ7.4.0 TBD
None The system does not support HA Redundancy for H.323 calls. TBD


RADIUS Stop records for inter-working function (IWF) calls might display inaccurate values. SCZ7.3.0 TBD


The show interfaces brief command incorrectly shows pri-util-addr information in its output. SCZ7.4.0 TBD


Media interfaces configured for IPv6, and using different VLANs that operate over different infrastructures, including VoLTE and 3GPP, are not supported. SCZ7.3.0 TBD


Telephony fraud protection does not black list calls after a failover.

Workaround: Activate the fraud protection table on the newly active server.

E-CZ7.5.0 TBD


The E-SBC can incur a system-level service impact while performing a switchover using "notify berpd force" with an LDAP configuration pointing to an unreachable LDAP server.

Workaround: Ensure that the E-SBC can reach the LDAP server before performing switchover.

Unknown TBD


Enabling and adding Comm Monitor config for the first time can create a situation where the monitoring traffic (IPFIX packets) does not reach the Enterprise Operations Monitor.

Workaround: Reboot the system.

E-CZ7.5.0 TBD


The system feature provided by the phy-interfaces's overload-protection parameter and overload-alarm-threshold sub-element is not functional. Specifically, enabling the protection and setting the thresholds does not result in trap and trap-clear events based on the interface's traffic load.

The applicable ap-smgmt.mib SNMP objects include:

  • apSysMgmtPhyUtilThresholdTrap
  • apSysMgmtPhyUtilThresholdClearTrap
SCZ7.2.0 SCZ8.2.0


In some early media call flows, the E-SBC might not present the correct address for RTP causing the call to terminate. SCZ8.0.0 SCZ8.0.0p2


When configured with the 10 second QoS update mechanism for OCOM, the E-SBC presents the same codec on both sides of a transcoding call in the monitoring packets.

You can determine the correct codecs from the SDP in the SIP Invite and 200 OK.

SCZ8.0.0p1 TBD


The 10s QoS interim feature includes the wrong source IP address as the incoming side of a call flow.

The issue does not prevent successful call and QoS monitoring. For monitoring and debugging purposes, you can find the source IP in the SIP messages (INVITE/200OK).

SCZ8.0.0p1 TBD


The packet-trace remote command does not work with IPv6. S-CZ7.4.0 TBD
26432028 On the Acme Packet 1100, Acme Packet 3900, and VME un-encrypted SRTP-SDES calls result in one-way audio.

Workaround: None at this time.

E-CZ7.5.0 TBD


When operating in HA mode, the E-SBC might display extraneous "Contact ID" output from the show sipd endpoint-ip command. You can safely ignore such output. SCZ8.0.0 TBD


The E-SBC dead peer detection does not work with IPv4. SCZ8.0.0 TBD


Running commands with very long output, such as the "show support-info" command, over an OVM virtual console might cause the system to reboot.

Workaround: You must run the "show support-info" command only over SSH.

SCZ8.0.0p1 TBD


When configured to perform SRTP-RTP interworking, the E-SBC might forward SRTP information in the SDP body of packets on the core side, causing the calls to terminate.

Workaround: Add an appropriately configured media-sec-policy on the RTP side of the call flow. This policy is in addition to the policy on the SRTP side of the call flow.

SCZ8.0.0p1 TBD

The cpu-load command does not display the correct value under show-platforms.

ECZ8.0.0 CZ8.1.0


In some PRACK IWF scenarios, the E-SBC may insert the media address of the core in the 200 OK SDP sent to the caller instead of it's own address. This misdirects the audio causing the call to fail. CZ8.1.0
If you configured the ims_aka option, you must also configure sip-interfaces with an ims-aka-profile entry. ECZ7.4.0m1


When running E-CZ8.1.0 over Hyper-V, and you set the process-log level to DEBUG, the system can become unstable or stop responding. The system requires a reboot.

Workaround: Do not enable process-log level DEBUG.

ECZ8.1.0 CZ810p1


When trying to establish a connection between the SBC and your network, while using TLS version 1.2, the SBC may reject the connection.

Workaround: You may need to adjust your cipher list.

ECZ8.1.0 TBD
28062411 Calls that require SIP/PRACK interworking as invoked by the 100rel-interworking option on a SIP interface do not work in pooled transcoding architectures. SCZ740 SCZ810m1
None IPSec is not supported on the Acme Packet 3900 and VNF in the CZ8.1.0 release. You must upgrade to CZ8.1.0p1 to get this support. After you upgrade to CZ8.1.0p1, do the following:
  1. Run setup entitlements, again.
  2. Select advanced to enable advanced entitlements, which then provides support for IPSEC on Acme Packet 3900 and VNF systems.
CZ810 CZ810p1
28305575 On VNFs, the system erroneously displays the IPSEC entitlement under "Keyed (Licensed) Entitlements." The error does not affect any functionality and you do not need to do anything. CZ810 CZ820


When operating the OCSBC on the Acme Packet 6300, the traceroute command does not show hops for an IPv6 traceroute that does not reach the target address. The system successfully displays hops when the traceroute reaches the target and for IPv4 traceroutes. CZ810 TBD


When running ECZ810M1 on the Acme Packet 3900, IPSec functionality is not available. CZ810 TBD


The anonymize-invite option for CommMonitor is not RTC. To see a change, you must either reboot or toggle the admin state. The following is a general admin state toggle procedure:
  1. Set admin state to disabled.
  2. Save and activate.
  3. Set admin state to enabled.
  4. Save and activate.
CZ810m1 TBD


The system is not populating the Username AVP in Accounting Requests (ACRs) correctly. When triggered by an INVITE, these AVPs contain only the "@" sign. They do not include the username and domain name portion of the URL. CZ810m1 TBD


When booting CZ8.1.0M1 on any virtual platform, not all system processes start. This known issue only occurs on initial boot, and not in an upgrade scenario.

Workaround: Reboot the E-SBC a second time, after it initially starts.

CZ810m1 TBD


The embedded communications monitor probe does not send IPv6 traffic to the Oracle Communications Operations Monitor's mediation engine. SCZ800 TBD

When running TLS Chat on VMware-PV 4core (SSFD) + 16GB, TLS Chat sessions are gradually decreasing. When looking in Wireshark at EXFO, EXFO forwards a wrong TLS MSRP Chat payload to EXFO UAS.

TCP Chat doesn't have this error.

The following Known Issues and Caveats have been found not to be present in this release. They are collected here for tracking purposes.
ID Description Found In Fixed In


When running in an HA configuration, the secondary E-SBC might go out of service (OoS) during upgrades, switchovers, and other HA processes while transitioning from the "Becoming Standby" state. Oracle observes such behavior in approximately 25% of these circumstances. You can verify the issue with log.berpd, which can indicate that the media did not synchronize.

Workaround: Reboot the secondary until it successfully reaches the "Standby" state.



The system does not support TSM.



When recording transcoded streams under load, sometimes the recorder might receive only a single stream.


Calls that require LMSD interworking as invoked by the lmsd-interworking option on a SIP interface do not work in pooled transcoding architectures. During call establishment, when sending the 200 OK back to the original caller, the cached SDP is not included.

N/A The T.140-Baudot Relay is not excluded from pooled transcoding support. N/A N/A