Configuration Overview

The Oracle Communications Session Border Controller uses three configuration spaces: the current configuration, last-saved configuration, and the running configuration. The current configuration is a temporary workspace where changes to the configuration are initially stored before they go “live.” Once you are satisfied with your edits, they are saved to the last-saved configuration space, as a backup configuration that is persistent across reboot. Finally, when you execute the activate-config command the system goes live using this configuration and makes a copy of the configuration. The copy is also stored on the file system and is called the running configuration, reflecting the running state of the Oracle Communications Session Border Controller.

The following table lists the three configuration spaces along with the creation command and location of configuration.

Configuration Name	ACLI Command to create	Location of Configuration
Current Configuration	done	/opt/data
Last-saved Configuration	save-config	/code/config
Running Configuration	activate-config	/opt/running

Configuration Process

To make configuration changes, set a current configuration, create a last-saved configuration, and finally enact your changes by making a running configuration:

Set all the necessary parameters on the Oracle Communications Session Border Controller. Each time you complete configuring a full configuration element, type done to set that element and update the current configuration. When all configuration elements are set, back out of configuration tree to the topmost ACLI level at the superuser prompt. The following example sets an arbitrary configuration element and backs you out to the superuser prompt.
```
ORACLE(host-route)# dest-network 10.0.0.0
ORACLE(host-route)# netmask 255.255.0.0
ORACLE(host-route)# gateway 172.30.0.1
ORACLE(host-route)# done
host-routes
        dest-network                   10.0.0.0
        netmask                        255.255.0.0
        gateway                        172.30.0.1
ORACLE(host-route)# exit
ORACLE(system)# exit
ORACLE(configure)# exit
```

Save all configurations to the last-saved configuration by using the save-config command. This step is mandatory.

ORACLE# save-config
Save-Config received, processing.
waiting 1200 for request to finish
Request to 'SAVE-CONFIG' has Finished,
Save complete
Currently active and saved configurations do not match!
To sync & activate, run 'activate-config' or 'reboot activate'.
ORACLE#

Set the Oracle Communications Session Border Controller to enact the last-saved configuration into the running state by using the activate-config command. This will make the last-saved configuration the running configuration and write it to the local file system.
```
ORACLE# activate-config
Activate-Config received, processing.
waiting 120000 for request to finish
H323 Active Stack Cnt:  0
Request to 'ACTIVATE-CONFIG' has Finished,
Activate Complete
ORACLE#
```

Verifying & Regenerating Configurations

The verify-config command checks the consistency of configuration elements that make up the current configuration and should be carried out prior to activating a configuration on the Oracle Communications Session Border Controller.

When the verify-config command is run, anything configured that is inconsistent produces either an error or a warning message. An error message lets the user know that there is something wrong in the configuration that will affect the way Oracle Communications Session Border Controller runs. A warning message lets the user know that there is something wrong in the configuration, but it will not affect the way the Oracle Communications Session Border Controller runs. The following is an example of the verify-config output:

ORACLE# verify-config
--------------------------------------------------------------------------------
ERROR: realm-config [r172] is missing entry for network-interface
ERROR: sip-nat [nat172] is missing ext-address entry
ERROR: sip-nat [nat172] is missing ext-proxy-address entry
ERROR: sip-nat [nat172] is missing domain-suffix entry
WARNING: sip-nat [nat172] has ext-address [5.6.7.8] which is different from sip-interface [sip172] sip-port address [1.2.3.4]
--------------------------------------------------------------------------------
Total:
4 errors
1 warning

Every time a user executes the save-config command, verify-config is automatically run. If any configuration problems are found, you receive a message pointing to the number of errors found during the saving, along with a recommendation to run the verify-config command to view the errors fully. The following is an example of the save-config verification output:

ORACLE# save-config
-------------------------------------------------------------------
Results of config verification:
   4 configuration errors
   2 configuration warnings
Run verify-config for more details
-------------------------------------------------------------------
Save-Config received, processing.
waiting 1200 for request to finish
Request to 'SAVE-CONFIG' has Finished,
Save complete
Currently active and saved configurations do not match!
To sync & activate, run 'activate-config' or 'reboot activate'.

Verifying Address Duplication

The verify-config command, entered either directly or via the save-config command, checks for address duplication for a given network-interface within a configuration. Addresses are checked for duplication based on the following criteria:

Every address entered is checked against the Primary and Secondary Utility addresses
All UDP, TCP, and TFTP addresses are checked against other UDP, TCP, and TFTP addresses respectively within the same port range

The following tables display the entire list of addresses which are checked for duplication, the network-interface or realm which they are checked against, and the port range:

Network-Interface

Parameter Name	Address Type	Network Interface or Realm
pri-utility-addr	Primary	itself
sec-utility-addr	Secondary	itself
ip-address	Unknown	itself
ftp-address	Unknown	itself
snmp-address	Unknown	itself
telnet-address	Unknown	itself
dns-ip-primary	Unknown	itself
dns-ip-backup1	Unknown	itself
dns-ip-backup2	Unknown	itself
hip-ip-address	Unknown	itself
icmp-address	Unknown	itself

Steering-Pool

Parameter Name	Address Type	Network Interface or Realm	Port Start	Port End
ip-address	UDP	network-interface or realm-id	start-port	end-port

SIP-Interface

Parameter Name	Address Type	Network Interface or Realm	Port Start	Port End
sip-port address	transport-protocol (UDP or TCP)	realm-id	sip-port port	0
sip-port address	UDP if transport-protocol is UDP	realm-id	port-map-start	port-map-end

SIP-NAT

Parameter Name	Address Type	Network Interface or Realm
ext-proxy-address	Unknown	realm-id
home-proxy-address	Unknown	realm-id
home-address	Unknown	realm-id
ext-address	Unknown	realm-id

* The home-address value must be unique across all network interfaces configured on the Oracle Communications Session Border Controller.

H323-Stack

Parameter Name	Address Type	Network Interface or Realm	Port Start	Port End
local-ip	TCP	realm-id	q031-port	0
local-ip	TCP	realm-id	q931-start-port	q931-start-port + q931-number-ports - 1
local-ip	TCP	realm-id	dynamic-start-port	dynamic-start-port + dynamic-number-port - 1
local-ip	UDP	realm-id	ras-port	0
gatekeeper	Unknown	realm-id	0	0
alternate-protocol	UDP	realm-id	it’s port	0

* If an h323-stack’s q931-port (TCP) parameter is configured with a value of 1720, there is an address duplication exception. This configured port can exist within two port map ranges; the value of q931-start-port and its entire port range, and the value of dynamic-start-port and its entire port range.

Local-Policy Local-Policy-Attributes

Parameter Name	Address Type	Network Interface or Realm	Port Start	Port End
next-hop	Unknown	realm	0	0

Session-Agent

Parameter Name	Address Type	Network Interface or Realm	Port Start
ip-address	UDP or TCP	realm-id	port
host-name (If different from ip-address)	UDP or TCP	realm-id	port
ip-address	UDP or TCP	egress-realm-id if no realm-id or different from it	port
host-name (If different from ip-address)	UDP or TCP	egress-realm-id if no realm-id or different from it	port

Static-Flow

Parameter Name	Address Type	Network Interface or Realm	Port Start	Port End
in-source/32	Unknown	in-realm-id	0	0
in-destination/32	UDP or TCP if ALG is TFTP or otherwise unknown	in-realm-id	start-port	end-port
out-source/32	UDP or TCP if ALG is TFTP or NAPT otherwise unknown	out-realm-id	start-port	end-port
out-destination/32	Unknown	out-realm-id	0	0

Capture-Receiver

Parameter Name	Address Type	Network Interface or Realm	Port Start	Port End
address	Unknown	network-interface	0	0

Realm-Config

Parameter Name	Address Type	Network Interface or Realm	Port Start
stun-server-ip	UDP	network-interfaces	stun-server-port
stun-server-ip	UDP	network-interfaces	stun-changed-port
stun-changed-ip	UDP	network-interfaces	stun-server-port
stun-changed-ip	UDP	network-interfaces	stun-changed-port

Verify-Config Errors and Warnings

The following tables list every error and warning the verify-config command produces for each configuration element:

Access-Control

Error Text	Reason for Error
WARNING: access-control [id] has unsupported application-protocol [x]	Unsupported protocols [x]
ERROR: access-control [id] has reference to realm-id [xyz] which does not exist	Realm was not found in realm table

Account-Config

Error Text	Reason for Error
ERROR: account-config is enabled, but there are no account servers configured	State is enabled, file-output is disabled and there are not servers
WARNING: account-config is enabled, there are no account-servers configured, but ftp-push is disabled	State and file-output are enabled, there are not account servers and ftp-push is disabled
WARNING: account-config is enabled, account-servers are configured, file-output is disabled, but ftp-push is enabled	State and ftp-push are enabled, account servers are configured, file-output is disabled
ERROR : account-config is enabled, ftp-push is enabled, but there is no ftp-address entered or push-receiver configured	State and ftp-push are enabled, but there is no ftp-address or push-receiver configured
ERROR: account-config has reference to push-receiver [xyz] which can not get password	Password failed decryption
ERROR: account-config has reference to push-receiver [xyz] which does not have remote-path set	Push-receiver has no remote-path set
ERROR: account-config has reference to push-receiver [xyz] which does not have username set	Push-receiver has no username set
ERROR: account-config has reference to push-receiver [xyz] which does not have password set for protocol FTP	Push-receiver has no password set for FTP
WARNING: account-config has reference to push-receiver [xyz] with a public key set, but protocol is set to FTP	Push-receiver has set public key, but protocol is FTP
ERROR: account-config has reference to push-receiver [xyz] which does not have password or public key set for protocol SFTP	Push-receiver has no password or public key set for SFTP
ERROR: account-config has push-receiver [xyz] with reference to public-key [zyx] which does not exist	Public key was not found in public key table
ERROR: account-config has account-server [IP:Port] with empty secret	Account-server [IP:Port] has empty secret field

Authentication

Error Text	Reason for Error
ERROR: authentication has specified unsupported protocol [x] for type [y]	Unsupported protocols for given type
ERROR: authentication has no configured active radius servers for authentication type [x]	No configured active radius for given type

Call-Recording-Server

Error Text	Reason for Error
ERROR: call-recording-server must have a name	Name is missing
ERROR: call-recording-server [id] must have a primary-signaling-addr or primary-media-addr	There has to be either primary signaling or media address
ERROR: call-recording-server [id] is missing primary-realm	Realm name is missing
ERROR: call-recording-server [id] has reference to the primary-realm [xyz] which does not exist	Primary-realm [xyz] was not found in realm-config table
ERROR: call-recording-server [id] has reference to the secondary-realm [xyz] which does not exist	Secondary-realm [xyz] was not found in realm-config table

Capture-Receiver

Error Text	Reason for Error
ERROR: capture-receiver [id] has reference to network-interface [xyz] which does not exist	Network-interface was not found in network-interface table

Certificate-Record

Error Text	Reason for Error
ERROR: certificate-record [id] is not trusted and will not be loaded	Certificate record is not trusted
ERROR: certificate-record [id] cannot extract private key	Certificate record failed to extract the private key
ERROR: certificate-record [id] cannot convert PKCS7 string to structure	Failure to convert PKCS7 record to the structure

Class-Policy

Error Text	Reason for Error
ERROR: class-policy [id] ] has reference to the media-policy [xyz] which does not exist	Media-policy [xyz] was not found in the media-policy table

DNS-Config

Error Text	Reason for Error
ERROR: dns-config [id] is missing client-realm entry	Missing client realm
ERROR: dns-config [id] has reference to client-realm [xyz] which does not exist	Realm was not found in the realm-config table
ERROR: dns-config [id] does not have any server-dns-attributes	Server-dns-attributes are missing
ERROR: dns-config [id] is missing server-realm entry	Realm entry is missing (source address is empty)
ERROR: dns-config [id] is missing server-realm entry for source-address [x]	Realm entry is missing (source address is not empty)
ERROR: dns-config [id] has reference to server-realm [xyz] which does not exist	Realm was not found in the realm-config table

ENUM-Config

Error Text	Reason for Error
ERROR: enum-config [id] is missing realm-id entry	Missing realm
ERROR: enum-config [id] has reference to the realm-id [xyz] which does not exist	Realm [xyz] was not found in realm-config table
ERROR: enum-config [id] has no enum-servers	List of ENUM servers is empty

Ext-Policy-Server

Error Text	Reason for Error
ERROR: ext-policy-server [id] is missing realm entry	Missing realm
ERROR: ext-policy-server [id] address is not valid	Invalid address entry
ERROR: ext-policy-server [id] has reference to protocol [xyz] which is not valid	Invalid protocol entry
ERROR: ext-policy-server [id] has reference to realm [xyz] which does not exist	Realm was not found in the realm-config table

H323-Stack

Error Text	Reason for Error
ERROR: h323-stack [id] has no realm-id	Missing realm entry
ERROR: h323-stack [id] has reference to the realm-id [xyz] which does not exist	Realm was not found in the realm-config table
WARNING: h323-stack [id] is missing local-ip address entry	Missing address entry
WARNING : h323-stack [id] has reference to media-profile [xyz] which does not exist	Media profile was not found in media profile table
ERROR: h323-stack [id] has reference to the assoc-stack [xyz] which does not exist	Stack name was not found in the h323-stack table

Host-Route

Error Text	Reason for Error
WARNING: host-route [id] has reference to gateway [xyz] which does not exist in any network-interface	gateway entry was not found in any network-interface object

IWF-Config

Error Text	Reason for Error
WARNING: iwf-config has reference to media-profile [xyz] which does not exist	media profile was not found in media profile table

Local-Policy

Error Text	Reason for Error
ERROR: local-policy [id] has reference to source-realm [xyz] which does not exist	Source-realm [xyz] was not found in realm-config table
WARNING: local-policy [id] has no policy-attributes set	No policy-attributes set
ERROR: local-policy-attribute [id1] from local-policy [id2] has reference to realm [xyz] which does not exist	Realm [xyz] was not found in realm-config table
ERROR: local-policy-attribute [id1] from local-policy [id2] is missing next-hop entry	Next-hop is missing for given attribute
ERROR: local-policy-attribute [id1] from local-policy [id2] has reference to next-hop [xyz] which is invalid	Invalid value for the next-hop
ERROR: local-policy-attribute [id1] from local-policy [id2] has reference to next-hop [xyz] which does not exist	Value for the next-hop was not found (either from enum-config, or lrt-config, or session-group)
WARNING: local-policy-attribute [id] from local-policy [di] has reference to media-policy [xyz] which does not exist	Media-policy [xyz] was not found in media-policy table

Local-Routing-Config

Error Text	Reason for Error
ERROR: local-routing-config [id] has reference to the file-name [xyz] which does not exist	specified file is missing from /boot/code/lrt folder

Network-Interface

Error Text	Reason for Error
ERROR: network-interface [id] has reference to phy-interface [xyz] which does not exist	Phy-interface [xyz] was not found in phy-interface table
ERROR: network-interface [id] is missing pri-utility-addr entry	If redundancy is enabled pri-utility-addr entry has to be entered
ERROR: network-interface [id] is missing sec-utility-addr entry	If redundancy is enabled sec-utility-addr entry has to be entered
ERROR: network-interface [id] has reference to DNS address, but dns-domain is empty	Dns-domain is empty. Word “address” will be plural addresses if there are more DNS addresses entered
ERROR: network-interface [id] has reference to DNS address, but ip-address is empty	Ip-address is empty. Word “address” will be plural addresses if there are more DNS addresses entered

Phy-Interface

Error Text	Reason for Error
ERROR: phy-interface [id] has invalid operation-type value [x]	Operation-type value is invalid
ERROR: phy-interface [id] of type [x] with port [y] and slot [z] has invalid name	If type is MAINTENANCE or CONTROL name has to start with either “eth” or wancom
ERROR: phy-interface [id] of type [x] has duplicated port [y] and slot [z] values with phy-interface [di]	Port and slot values are duplicated with another phy-interface

Public-Key

Error Text	Reason for Error
ERROR: public-key [id] has no public/private key pair generated for public-key [x]	No public/private key generated
ERROR: public-key [id] cannot extract private key	Cannot extract private key

Realm-Config

Error Text	Reason for Error
ERROR: realm-config [id] has reference to ext-policy-svr [xyz] which doe not exist	Missing external BW manager
ERROR: realm-config [id] is missing entry for network-interface	Missing Network Interface
ERROR: realm-config [id] has reference to network-interface [xyz] which does not exist	Network interface was not found in network-interface table
ERROR: realm-config [id] has reference to media-policy [xyz] which does not exist	Media-policy was not found in media-policy table
ERROR: realm-config [id] has reference to class-profile [xyz] which does not exist	Class-profile was not found in class-profile table
ERROR: realm-config [id] has reference to in-translationid [xyz] which does not exist	In-translationid was not found in session translation table
ERROR: realm-config [id] has reference to out-translationid [xyz] which does not exist	Out-translationid was not found in session translation table
ERROR: realm-config [id] has reference to in-manipulationid [xyz] which does not exist	In-manipulationid was not found in manipulation table
ERROR: realm-config [id] has reference to out-manipulationid [xyz] which does not exist	Out-manipulationid was not found in manipulation table
ERROR: realm-config [id] has reference to enforcement-profile [xyz] which does not exist	Enforcement-profile was not found in enforcement-profile table
ERROR: realm-config [id] has reference to call-recording-server-id [xyz] which does not exist	Call-recording-server-id was not found in call-recording-server-table
ERROR: realm-config [id] has reference to codec-policy [xyz] which does not exist	Codec-policy was not found in codec-policy table
ERROR: realm-config [id] has reference to constraint-name [xyz] which does not exist	Constraint-name was not found in session constraint table
ERROR: realm-config [id] has reference to qos-constraint [xyz] which does not exist	Qos-constraint was not found in qos constraint table
ERROR: realm-config [id] with parent-realm [xyz] are part of circular nested realms	Realm and its parent realm are part of the closed loop where they referring back to themselves
ERROR: realm-config [id] has reference to dns-realm [xyz] which does not exist	Dns-realm doesn’t exist in the realm table
WARNING: realm-config [id] has reference to itself as a parent (parent-realm value ignored)	Realm name and parent name are the same
ERROR: realm-config [id] has reference to parent-realm [xyz] which does not exist	Parent realm doesn’t exist in the realm table
ERROR: realm-config [id] has identical stun-server-port and stun-changed port [x]	Stun-server-ip is identical to stun-changed-ip, when stun is enabled
ERROR: realm-config [id] has identical stun-server-ip and stun-changed-ip [x]	Stun-server-port is identical to stun-changed-port, when stun is enabled

Realm-Group

Error Text	Reason for Error
ERROR: realm-group [id] has reference to source-realm [xyz] which does not exist	Realm was not found in realm-config table
ERROR: realm-group [id] has reference to destination-realm [xyz] which does not exist	Realm was not found in realm-config table

Redundancy

Error Text	Reason for Error
ERROR: redundancy-config peer [id] has Address [x] which does not match pri-utility-addr from network-interface [y]	If redundancy is enabled, peer IP addresses have to match Primary Utility addresses from specified network-interface (pri-utility-addr is missing here)
ERROR: redundancy-config peer [id] has Address [x] which does not match pri-utility-addr [z] from network-interface [y]	If redundancy is enabled, peer IP addresses have to match Primary Utility addresses from specified network-interface
ERROR: redundancy-config peer [id] has Address [x] which does not match sec-utility-addr from network-interface [y]	If redundancy is enabled, peer IP addresses have to match Secondary Utility addresses from specified network-interface (sec-utility-addr is missing here)
ERROR: redundancy-config peer [id] has IP Address [x] which does not match sec-utility-addr [z] from network-interface [y]	If redundancy is enabled, peer IP addresses have to match Secondary Utility addresses from specified network-interface
ERROR: redundancy-config peer [id] has reference to network-interface [xyz] which does not exist	Network-interface [xyz] was not found in network-interface table
ERROR: redundancy-config peer [id] is missing destination object	Destination object is missing
ERROR: redundancy-config is missing Primary peer object	Primary peer object is missing
ERROR: redundancy-config is missing Secondary peer object	Secondary peer object is missing
ERROR: redundancy-config is missing both Primary and Secondary peer objects	Primary and Secondary peer objects are missing

Security-Association

Error Text	Reason for Error
ERROR: security-association [id] is missing network-interface entry	Missing network-interface entry
ERROR: security-association [id] has reference to network-interface [xyz] which does not exist	Network-interface was not found in network-interface table
ERROR: security-association [id] has invalid local-ip-addr	Invalid local-ip-addr entry
ERROR: security-association [id] has invalid remote-ip-addr	Invalid remote-ip-addr entry
ERROR: security-association [id] has reference to network-interface [xyz] which is not valid IPSEC enabled media interface	Network-interface is not valid IPSEC media interface
ERROR: security-association [id] Unable to decrypt auth-key from configuration. This configuration may not have been saved using this systems configuration password	Failed to decrypt auth-key
ERROR: security-association [id] has auth-algo [hmac-md5] with an auth-key of invalid length, must be 32 hex characters long	Invalid length of the auth-key for auth-algo [hmac-md5]
ERROR: security-association [id] has auth-algo [hmac-sha1] with an auth-key of invalid length, must be 40 hex characters long	Invalid length of the auth-key for auth-algo [hmac-sha1]
ERROR: security-association [id] Unable to decrypt encr-key from configuration. This configuration may not have been saved using this systems configuration password	Failed to decrypt encr-key
ERROR: security-association [id] has encr-algo [xyz] with and encr-key of invalid length, must be 64 bits (odd parity in hex)	Invalid encr-key length for given algorithm
ERROR: security-association [id] has encr-algo [xyz] with and encr-key of invalid length, must be 192 bits (odd parity in hex)	Invalid encr-key length for given algorithm
ERROR: security-association [id] has encr-algo [xyz] with and encr-key of invalid length, must be 128 bits (odd parity in hex)	Invalid encr-key length for given algorithm
ERROR: security-association [id] has encr-algo [xyz] with and encr-key of invalid length, must be 256 bits (odd parity in hex)	Invalid encr-key length for given algorithm
ERROR: security-association [id] has invalid aes-ctr-nonce (must be non-zero value) for encr-algo [xyz]	Has invalid aes-ctr-nonce for given algorithm
ERROR: security-association [id] has invalid tunnel-mode local-ip-addr (will be set to inner local-ip-address)	Invalid tunnel-mode local-ip-addr
ERROR: security-association [id] has invalid tunnel-mode remote-ip-addr (will be set to inner remote-ip-address)	Invalid tunnel-mode remote-ip-addr
ERROR: security-association [id] has invalid espudp local-ip-addr (must be non-zero)	Invalid espudp local-ip-addr
ERROR: security-association [id] has invalid espudp remote-ip-addr (must be non-zero)	Invalid espudp remote-ip-addr
ERROR: security-association [id] has invalid espudp local-port (must be non-zero)	Invalid espudp local-port
ERROR: security-association [id] has invalid espudp remote-port (must be non-zero)	Invalid espudp remote-port

Security-Policy

Error Text	Reason for Error
ERROR: security-policy [id] has invalid local-ip-addr-match	Empty local-ip-addr-match
ERROR: security-policy [id] has invalid local-ip-addr-match [x]	Invalid local-ip-addr-match
ERROR: security-policy [id] has invalid remote-ip-addr-match	Empty remote-ip-addr-match
ERROR: security-policy [id] has invalid remote-ip-addr-match [x]	Invalid remote-ip-addr-match
ERROR: security-policy [id] is missing network-interface entry	Missing network-interface entry
ERROR: security-policy [id] priority [x] is identical to security-policy [id2]	Duplication of the priorities
ERROR: security-policy [id] has reference to network-interface [xyz] which does not exist	Network-interface was not found in network-interface table
ERROR: security-policy [id] has reference to network-interface [xyz] which is not valid IPSEC enabled media interface	Network-interface is not valid IPSEC media interface

Session-Agent

Error Text	Reason for Error
ERROR: session-agent [id] has reference to realm-id [xyz] which does not exist	Realm was not found in realm table
ERROR: session-agent [id] has reference to egress-realm-id [xyz] which does not exist	Realm was not found in realm table
ERROR: session-agent [id] has reference to in-translationid [xyz] which does not exist	Translation id was not found in translation table
ERROR: session-agent [id] has reference to out-translationid [xyz] which does not exist	Translation id was not found in translation table
ERROR: session-agent [id] has reference to in-manipulationid [xyz] which does not exist	Manipulation id was not found in manipulation table
ERROR: session-agent [id] has reference to out-manipulationid [xyz] which does not exist	Manipulation id was not found in manipulation table
ERROR: session-agent [id] has reference to enforcement-profile [xyz] which does not exist	Enforcement-profile was not found in enforcement-profile table
ERROR: session-agent [id] has reference to code-policy [xyz] which does not exist	Codec-policy was not found in codec-policy table
ERROR: session-agent [id] has reference to response-map [xyz] which does not exist	Response-map was not found in response map table
ERROR: session-agent [id] has reference to local-response-map [xyz] which does not exist	Response-map was not found in response map table

Session-Group

Error Text	Reason for Error
ERROR: session-group [id] has reference to session-agent [xyz] which does not exist	Session agent was not found in the session agent table

Session-Translation

Error Text	Reason for Error
ERROR: session-translation [id] has reference to rules-called [xyz] which does not exist	Translation rule was not found in the translation rule table
ERROR: session-translations [id] has reference to rules-calling [xyz] which does not exist	Translation rule was not found in the translation rule table

SIP-Config

Error Text	Reason for Error
ERROR: sip-config has reference to home-realm-id [xyz] which does not exist	Realm was not found in the realm-config table
ERROR: sip-config has reference to egress-realm-id [xyz] which does not exist	Realm was not found in the realm-config table
ERROR: sip-config has reference to enforcement-profile [xyz] which does not exist	Enforcement profile was not found in enforcement profile table
WARNING: sip-config is missing home-realm-id for SIP-NAT, defaults to [sip-internal-realm]	Missing home-realm-id, defaulted to sip-internal-realm
WARNING: sip-config home-realm-id [xyz] does not have a sip-interface	Sip-interface missing for the home realm
WARNING: sip-config has nat-mode set to [None], but there are configured sip-nat objects	Nat-mode needs to be set to either Public or Private if there are sip-nat objects in the configuration
ERROR: sip-config object is disabled	Sip-config is disabled, but there are configured sip-interface objects

SIP-Interface

Error Text	Reason for Error
ERROR: sip-interface [id] is missing realm-id entry	missing realm
ERROR: sip-interface [id] has reference to realm-id [xyz] which does not exist	realm was not found in realm-config table
ERROR: sip-interface [id] has reference to in-manipulationid [xyz] which does not exist	in-manipulationid was not found in manipulation table
ERROR: sip-interface [id] has reference to out-manipulationid [xyz] which does not exist	out-manipulationid was not found in manipulation table
ERROR: sip-interface [id] has reference to enforcement-profile [xyz] which does not exist	enforcement profile was not found in enforcement profile table
ERROR: sip-interface [id] has reference to response-map [xyz] which does not exist	response-map was not found in response-map table
ERROR: sip-interface [id] has reference to local-response-map [xyz] which does not exist	local-response-map was not found in response-map table
ERROR: sip-interface [id] has reference to constraint-name [xyz] which does not exist	constraint-name was not found in session constraint table
ERROR: sip-interface [id] has no sip-ports	sip-ports are missing
ERROR: sip-interface [id] with sip-port [id2] has reference to tls-profile [xyz] which does not exist	tls-profile was not found in TLS profile table (only valid for protocols TLS or DTLS)
ERROR: sip-interface [id] with sip-port [id2] has reference to ims-aka-profile [xyz] which does not exist	ims-aka-profile was not found in Ims-Aka-Profile table (valid for protocols other than TLS or DTLS)
WARNING: sip-interface [id] has no sip-ports, using SIP-NAT external-address	no sip-ports so SIP-NAT external-address is used
WARNING: sip-interface [id] has no valid sip-ports, using SIP-NAT external-address	no valid sip-ports so SIP-NAT external-address is used

SIP-Manipulation

Error Text	Reason for Error
ERROR: sip-manipulation [id] has no header-rules defined	Missing header rules
ERROR: sip-manipulation [id] with header-rule [xyz] is missing new-value entry	Missing new-value entry (checked only for action type sip-manip)
ERROR: sip-manipulation [id] with header-rule [xyz] has reference to new-value [zxy] which does not exist	New-value entry missing from the sip-manipulation table
ERROR: sip-manipulation [id] with header-rule [xyz] has new-value that refers to itself from sip-manipulation [di]	Looping reference between two objects

SIP-NAT

Error Text	Reason for Error
ERROR: sip-nat [id] is missing home-address entry	Missing home-address
ERROR: sip-nat [id] has invalid home-address [x] entry	Invalid home-address entry
ERROR: sip-nat [id] is missing ext-address entry	Missing ext-address
ERROR: sip-nat [id] has invalid ext-address [x] entry	Invalid ext-address entry
ERROR: sip-nat [id] is missing ext-proxy-address entry	Missing ext-proxy-address
ERROR: sip-nat [id] has invalid ext-proxy-address [x] entry	Invalid ext-proxy-address entry
ERROR: sip-nat [id] is missing user-nat-tag entry	Missing user-nat-tag
ERROR: sip-nat [id] is missing host-nat-tag entry	Missing host-nat-tag
ERROR: sip-nat [id] is missing domain-suffix entry	Missing domain-suffix
ERROR: sip-nat [id] is missing realm-id entry	Missing realm entry
ERROR: sip-nat [id] does not match sip-interface realm [xyz]	Sip-interface name was not found in realm table
ERROR: sip-nat [id] does not have a sip-interface	Sip-interface is missing
WARNING: sip-nat [id] has same user-nat-tag as sip-nat [di]	Duplicated user-nat-tag
WARNING: sip-nat [id] has same host-nat-tag as sip-nat [di]	Duplicated host-nat-tag
WARNING: sip-nat [id] has ext-address [x] which is different from sip-interface [di] sip-port address [y]	Sip-nat ext-address needs to be the same as sip-port address
ERROR: sip-nat [id] has same home-address [x] as sip-nat [di]	Duplicated home-address

Static-Flow

Error Text	Reason for Error
ERROR: static-flow [id] is missing in-realm-id entry	Missing in-realm-id
ERROR: static-flow [id] has reference to in-realm-id [xyz] which does not exist	Realm was not found in the realm-config table
ERROR: static-flow [id] is missing out-realm-id entry	Missing out-realm-id
ERROR: static-flow [id] has reference to out-realm-id [xyz] which does not exist	Realm was not found in the realm-config table
ERROR: ext-policy-server [id] has illegal protocol value [xyz]	Invalid protocol entry

Steering-Pool

Error Text	Reason for Error
ERROR: steering-pool [id] has invalid start-port [x]	Invalid start-port value (smaller than 1025)
ERROR: steering-pool [id] has start-port [x] greater than end-port [y]	Start-port value is greater than end-port value
ERROR: steering-pool [id] is missing realm entry	Missing realm entry
ERROR: steering-pool [id] has reference to realm [xyz] which does not exist	Realm [xyz] was not found in realm-config table
ERROR: steering-pool [id] has reference to network-interface [xyz] which does not exist	Network-interface [xyz] was not found in network-interface table

Surrogate-Agent

Error Text	Reason for Error
ERROR: surrogate-agent [id] is missing realm entry	Missing realm entry
ERROR: surrogate-agent [id] has reference to realm [xyz] which does not exist	Realm was not found in the realm-config table
ERROR: surrogate-agent [id] is missing customer-next-hop entry	Missing customer-next-hop entry
ERROR: surrogate-agent [id] is missing register-contact-user entry	Missing register-contact-user entry
ERROR: surrogate-agent [id] is missing register-contact-host entry	Missing register-contact-host entry

System-Config

Error Text	Reason for Error
ERROR: system-config has reference to default-gateway [xyz] which does not exist	gateway was not found in the network-interface table or boot parameters
ERROR: system-config collect has sample-interval [x] greater than push-interval	sample-interval greater than push-interval
ERROR: system-config collect has start-time [x] greater than end-time [y]	Start-time greater than end-time
ERROR: system-config collect has group [xyz] with sample-interval [x] greater than collection push-interval [y]	Group [xyz] has incorrect sample interval
ERROR: system-config collect has group [xyz] with start-time [x] greater than end-time [y]	Group [xyz] has incorrect sample interval
ERROR: system-config collect has no push-receivers defined	No push-receivers defined
ERROR: system-config collect has reference to push-receiver [xyz] which does not have user-name set	No user-name set
ERROR: system-config collect has reference to push-receiver [xyz] which does not have password set	No password set
ERROR: system-config collect has reference to push-receiver [xyz] which does not have address set	No address set
ERROR: system-config collect has reference to push-receiver [xyz] which does not have data-store set	No data-store set

TLS-Profile

Error Text	Reason for Error
ERROR: tls-profile [id] has reference to end-entity-certificate [xyz] which does not have any certificates	End-entity-certificate entry missing certificate or certificate-record is part of config, but record was not imported to the SD
ERROR: tls-profile [id] has end-entity-certificate [xyz] which has an end entry certificate, but the private key is invalid.	Bad private key for the cert-record
ERROR: tls-profile [id] has reference to end-entity-certificate [xyz] which does not exist	Certificate record was not found in cert-record table
ERROR: tls-profile [id] has an end-entity-certificate records without any end entity certificate	End certificate missing from all end-entity-certificate records or none of them where imported to the SD
ERROR: tls-profile [id] found an entry in the trusted-ca-certificates with zero length	Found an empty trusted-ca-record in the list
ERROR: tls-profile [id] has reference to trusted-ca-certificates [xyz] which does not have any certificates	Trusted-ca-records entry missing certificate
ERROR: tls-profile [id] has reference to trusted-ca-certificates [xyz] with PKCS7 structure which does not have any certificates	Trusted-ca-records entry with PKCS7 structure missing certificate
ERROR: tls-profile [id] has reference to trusted-ca-certificates [xyz] which does not exist	Certificate record was not found in cert-record table
ERROR: tls-profile [id] has no trusted-ca- certificates, but mutual-authentication is enabled	No trusted certificates, but enabled mutual-authentication

Viewing Configurations

While configuration archives describe a full Oracle Communications Session Border Controller configuration, you can not display them on the screen for quick reference. To view configurations through a local connection, there are two options.

To display the current configuration on the screen, type show configuration at a command prompt. You can add a specific configuration element after the show configuration command to display only that element on the screen.
```
ORACLE> show configuration host-route
host-routes
        dest-network                   10.0.0.0
        netmask                        255.255.0.0
        gateway                        172.30.0.1
task done
ORACLE>
```
To display the running configuration on the screen, type show running-configuration at a command prompt.

Checking Configuration Versions

The Oracle Communications Session Border Controller maintains a running count of the version of both the running configuration and current configuration. It can be helpful to know when the running and current configurations are out of sync.

While they can differ, the current configuration and the running configuration should generally be the same. After a configuration is modified, saved and activated, the current and running configuration versions should be the same.

To check the version of each configuration:

Type display-current-cfg-version at a command prompt to display the version number of the current configuration.
```
ORACLE> display-current-cfg-version
Current configuration version is 3
ORACLE>
```
Type display-running-cfg-version at a command prompt to display the version number of the running configuration.
```
ORACLE> display-running-cfg-version
Running configuration version is 3
ORACLE>
```

Deleting Configurations

You can completely delete the data in the last-saved configuration with one command. This can be useful if you want to reconfigure your Oracle Communications Session Border Controller starting with a blank configuration. You must reboot your Oracle Communications Session Border Controller after issuing the delete-config command to complete this task.

To delete the running and current configuration:

Type delete-config at a superuser command prompt. You will be prompted to confirm that you want to complete this task.

ORACLE# delete-config
******************************************************
Do you really want to ERASE the current config:? [y/n]?: y
Deleting configuration
NOTE: need to reboot for changes to take effect
task done

Reboot the Oracle Communications Session Border Controller using the reboot command.

Configuration Checkpointing

In an HA configuration, configuration checkpointing copies all configuration activity and changes on one Oracle Communications Session Border Controllerto the other Oracle Communications Session Border Controller. Checkpointed transactions copy added, deleted, or modified configurations from the active system to the standby system. You only need to perform configuration tasks on the active Oracle Communications Session Border Controller because the standby SD will go through the checkpointing process and synchronize its configuration to the active Oracle Communications Session Border Controller to reflect activity and changes.

The acquire-config command is used to manually invoke configuration checkpointing between two Oracle Communications Session Border Controllers in an HA node.

To synchronize the systems in an HA node:

On either the active or standby Oracle Communications Session Border Controller, type acquire-config <IP address of other SD in HA pair>.
- The IPv4 or IPv6 address for the Oracle Communications Session Border Controller from which to acquire the configuration.
- For acquire-config to work, one rear interface on each SD must be named wancom1, and one rear interface on each SD must be named wancom2.
```
ORACLE# acquire-config 10.0.1.8 
```

Following the procedure defined directly above, confirm that the HA node now has synchronized configurations.

ORACLE-1# display-current-cfg-version
Current configuration version is 30
ORACLE-1# display-running-cfg-version
Running configuration version is 30
ORACLE-2# display-current-cfg-version
Current configuration version is 30
ORACLE-2# display-running-cfg-version
Running configuration version is 30