realm-config
The realm-config element is used to configure realms.
Parameters
- identifier
- Enter the name of the realm associated with this Oracle Communications Session Border Controller. This is a required field. The identifier field value must be unique.
- description
- Provide a brief description of the realm-config configuration element
- addr-prefix
- Enter the IP
address prefix used to determine if an IP address is associated with the realm.
This field is entered as an IP address and number of bits in the network
portion of the address in standard slash notation.
- Default: 0.0.0.0
- network-interface
- Enter the network
interface through which this realm can be reached. Entries in this parameter
take the form:
<network-interface-ID>:<subport>.<ip_version>.
Note:
Only one network interface can be assigned to a single realm-config object. - mm-in-realm
- Enable or disable
media being steered through the
Oracle Communications Session Border Controller when the communicating endpoints are located in the
same realm
- Default: disabled
- Values: enabled | disabled
- mm-in-network
- Enable or disable
media being steered through the
Oracle Communications Session Border Controller when the communicating endpoints are located in
different realms within the same network (on the same network-interface). If
this field is set to enabled, the
Oracle Communications Session Border Controller will steer all media traveling between two endpoints
located in different realms, but within the same network. If this field is set
to disabled, then each endpoint will send its media directly to the other
endpoint located in a different realm, but within the same network.
- Default: enabled
- Values: enabled | disabled
- mm-same-ip
- Enable the media
to go through this
Oracle Communications Session Border Controller if the mm-in-realm . When not enabled, the media will
not go through the
Oracle Communications Session Border Controller for endpoints that are behind the same IP.
- Default: enabled
- Values: enabled | disabled
- mm-in-system
- Set this parameter
to enabled to manage/latch/steer media in the
Oracle Communications Session Border Controller. Set this parameter to disabled to release media in
the
Oracle Communications Session Border Controller.
Note:
Setting this parameter to disabled will cause the Oracle Communications Session Border Controller to NOT steer media through the system (no media flowing through this Oracle Communications Session Border Controller).- Default: enabled
- Values: enabled | disabled
- bw-cac-non-mm
- Set this parameter
to enabled to turn on bandwidth CAC for media release
- Default: disabled
- Values: enabled | disabled
- msm-release
- Enable or disable
the inclusion of multi-system (multiple
Oracle Communications Session Border Controllers) media release information in the SIP signaling
request sent into the realm identified by this realm-config element. If this
field is set to enabled, another
Oracle Communications Session Border Controller is allowed to decode the encoded SIP signaling
request message data sent from a SIP endpoint to another SIP endpoint in the
same network to restore the original SDP and subsequently allow the media to
flow directly between those two SIP endpoints in the same network serviced by
multiple
Oracle Communications Session Border Controllers. If this field is set to disabled, the media and
signaling will pass through both
Oracle Communications Session Border Controllers. If this field is set to enabled, the media is
directed directly between the endpoints of a call.
- Default: disabled
- Values: enabled | disabled
- qos-enable
- Enable or disable
the use of QoS in this realm
- Default: disabled
- Values: enabled | disabled
- generate-udp-checksum
- Enable or disable
the realm to generate a UDP checksum for RTP/RTCP packets.
- Default: disabled
- Values: enabled | disabled
This parameter is visible only on Acme Packet 3800s and Acme Packet 4500s that do not have an ETC card installed. The function is enabled and not configurable on all other platforms.
- max-bandwidth
- Enter the total
bandwidth budget in kilobits per second for all flows to/from the realm defined
in this element. A max-bandwidth field value of 0 indicates unlimited
bandwidth.
- Default: 0
- Values: Min: 0 / Max: 4294967295
- fallback-bandwidth
- Enter the amount
of bandwidth available once the
Oracle Communications Session Border Controller has determined that the target (of ICMP pings) is
unreachable.
- Default: 0
- Values: Min: 0
- max-priority-bandwidth
- Enter the amount
of bandwidth amount of bandwidth you want to want to use for priority
(emergency) calls; the system first checks the max-bandwidth parameter, and
allows the call if the value you set for priority calls is sufficient.
- Default: 0
- Values: Min: 0 | Max: 999999999
- max-latency
- This parameter is unsupported.
- max-jitter
- This parameter is unsupported.
- max-packet-loss
- This parameter is unsupported.
- observ-window-size
- This parameter is unsupported.
- parent-realm
- Enter the parent realm for this particular realm. This must reference an existing realm identifier.
- dns-realm
- Enter the realm whose network interface’s DNS server should be used to resolve FQDNs for requests sent into the realm. If this field value is left empty, the Oracle Communications Session Border Controller will use the DNS of the realm’s network interface.
- media-policy
- Select a media-policy on a per-realm basis (via an association between the name field value configured in this field). When the Oracle Communications Session Border Controller first sets up a SIP or H.323 media session, it identifies the egress realm of each flow and then determines the media-policy element to apply to the flow. This parameter must correspond to a valid name entry in a media policy element.
- media-sec-policy
-
Name of default media security policy.
- rtcp-mux
- Select to enable RTCP multiplexing, which allows Real-Time Protocol (RTP) and Real-Time Control Protocol (RTCP) packets to use the same media port numbers.
- ice-profile
- Specify the name of an exitsing ICE profile, which enables a WebRTC client to perform connectivity checks and can provide several STUN servers to the browser.
- dtls-srtp-profile
- Specify the name of an existing DTLS SRTP profile, which defines the key exchange and DTLS handshake on a media session, the role the SBC negotiates when offered alternatives, and the crypto suites to use.
- srtp-msm-passthrough
- Enables multi
system selective SRTP pass through in this realm.
- Default: disabled
- Values: enabled | disabled
- class-profile
- Enter the name of class-profile to use for this realm for ToS marking
- in-translationid
- Enter the identifier/name of a session-translation element. The Oracle Communications Session Border Controller applies this group of rules to the incoming addresses for this realm. There can be only one entry in this parameter.
- out-translationid
- Enter the identifier/name of a session-translation element. The Oracle Communications Session Border Controller applies this group of rules to the outgoing addresses for this realm. There can be only one entry in this parameter.
- in-manipulationid
- Enter the inbound SIP manipulation rule name
- out-manipulationid
- Enter the outbound SIP manipulation rule name
- average-rate-limit
- Enter the average
data rate in bits per second for host path traffic from a trusted source
- Default: 0 (disabled)
- Values: Min: 0 | Max: 4294967295
- access-control-trust-level
- Select a trust
level for the host within the realm
- Default: none
- Values:
- high—Hosts always remains trusted
- medium—Hosts belonging to this realm can get promoted to trusted, but can only get demoted to untrusted. Hosts will never be put in black-list.
- low—Hosts can be promoted to trusted list or can get demoted to untrusted list
- none—Hosts will always remain untrusted. Will never be promoted to trusted list or will never get demoted to untrusted list
- invalid-signal-threshold
- Enter the
acceptable invalid signaling message rate falling within a tolerance window
- Default: 0
- Values: Min: 0 | Max: 4294967295
- maximum-signal-threshold
- Enter the maximum
number of signaling messages allowed within the tolerance window
- Default: 0 (disabled)
- Values: Min: 0 | Max: 4294967295
- untrusted-signal-threshold
- Enter the allowed
maximum signaling messages within a tolerance window.
- Default: 0
- Values: Min: 0 | Max: 4294967295
- nat-trust-threshold
- Enter maximum
number of denied endpoints that set the NAT device they are behind to denied. 0
means dynamic demotion of NAT devices is disabled.
- Default: 0
- Values: Min: 0 | Max: 65535
- max-endpoints-per-nat
- Maximum number of
endpoints that can exist behind a NAT before demoting the NAT device.
- Default: 0 (disabled)
- Values: Min: 0 | Max: 65535
- nat-invalid-message-threshold
- Maximum number of
invalid messages that may originate behind a NAT before demoting the NAT
device.
- Default: 0 (disabled)
- Values: Min: 0 | Max: 65535
- wait-time-for-invalid-register
- Period (in
seconds) that the counts before considering the absence of the REGISTER message
as an invalid message.
- Default: 0 (disabled)
- Values: Min: 0, 4-300
- deny-period
- Enter the length
of time an entry is posted in the deny list
- Default: 30
- Values: Min: 0 / Max: 4294967295
- cac-failure-threshold
- Enter the number
of CAC failures for any single endpoint that will demote it from the trusted
queue to the untrusted queue for this realm.
- Default: 0
- Values: Min: 0 / Max:141842
- untrust-cac-failure-threshold
- Enter the number
of CAC failures for any single endpoint that will demote it from the untrusted
queue to the denied queue for this realm.
- Default: 0
- Values: Min: 0 / Max: 4294967295
- ext-pol-server
- Name of external policy server.
- diam-e2-address-realm
- The value inserted into a Diameter e2 Address-Realm AVP when a message is received on this realm.
- symmetric-latching
- Enable, disable
and manage symmetric latching between endpoints for RTP traffic.
- Default: disabled
- enabled
- disabled
- pre-emptive - symmetric latching is enabled, but the SBC sends RTP packets to the received SDP connection address without waiting on the latch.
- pai-strip
- Enable or disable
P-Asserted-Identity headers being stripped from SIP messages as they exit the
Oracle Communications Session Border Controller. The PAI header stripping function is dependent on
this parameter and the trust-me parameter.
- Default: disabled
- Values: enabled | disabled
- trunk-context
- Enter the default trunk context for this realm
- early-media-allow
- Select the early
media suppression for the realm
- Values:
- none: No early media is allowed in either direction
- both: Early media is allowed in both directions
- reverse: Early media received by Oracle Communications Session Border Controller in the reverse direction is allowed
- Values:
- enforcement-profile
- Enter the name of the enforcement profile (SIP allowed methods).
- additional-prefixes
- Enter one or more additional address prefixes. Not specifying the number of bits to use implies all 32 bits of the address are used to match.
- add-additional-prefixes
- Add one or more additional address prefixes. Not specifying the number of bits to use implies all 32 bits of the address are used to match.
- remove-additional-prefixes
- Remove one or more additional address prefixes. Not specifying the number of bits to use implies all 32 bits of the address are used to match.
- restricted-latching
- Set the restricted
latching mode
- Default: None
- Values:
- none: No restricted latching
- sdp: Use the IP address specified in the SDP for latching purpose
- peer-ip: Use the peer-ip (Layer 3 address) for the latching purpose
- restriction-mask
- Set the restricted
latching mask value.
- Default: 32
- Values: Min: 1 | Max: 128
- user-cac-mode
- Set this parameter
to the per user CAC mode that you want to use
- Default: none
- Values:
- none—No user CAC for users in this realm
- AOR—User CAC per AOR
- IP—User CAC per IP
- user-cac-bandwidth
- Enter the maximum bandwidth per user for dynamic flows to and from the user. By leaving this parameter set to 0 (default), there is unlimited bandwidth and the per user CAC feature is disabled for constraint of bandwidth.
- user-cac-sessions
- Enter the maximum
number of sessions per user for dynamic flows to and from the user. Leaving
this parameter set to 0 (default), there is unlimited sessions and the CAC
feature is disabled for constraint on sessions
- Default: 0
- Values: Min: 0 / Max: 999999999
- icmp-detect-multiplier
- Enter the
multiplier to use when determining how long to send ICMP pings before
considering a target unreachable. This number multiplied by the time set for
the icmp-advertisement-interval determines the length of time
- Default: 0
- Values: Min: 0
- icmp-advertisement-interval
- Enter the time in
seconds between ICMP pings the
Oracle Communications Session Border Controller sends to the target.
- Default: 0
- Values: Min: 0
- icmp-target-ip
- Enter the IP
address to which the
Oracle Communications Session Border Controller should send the ICMP pings so that it can detect when
they fail and it needs to switch to the fallback bandwidth for the realm.
- Default: (empty)
- monthly-minutes
- Enter the monthly
minutes allowed
- Default: disabled
- Values: Min: 0 / Max: 71582788
- options
- Enter any optional features or parameters
- accounting-enable
- Select whether you
want accounting enabled within the realm
- Default: enabled
- Values: enabled | disabled
- net-management-control
- Enable or disable
network management controls for this realm
- Default: disabled
- Values: enabled | disabled
- delay-media-update
- Enable or disable
media update delay
- Default: disabled
- Values: enabled | disabled
- refer-call-transfer
- REFER call
transfer
- Default: disabled
- Values: enabled | disabled | dynamic
- refer-notify-provisional
- Provisional mode
for sending NOTIFY message
- Default: none
- Values:
- none: no intermediate NOTIFY's are to be sent
- initial: immediate 100 Trying NOTIFY has to be sent
- all: immediate 100 Trying NOTIFY plus a NOTIFY for each non-100 provisional received by the SD are to be sent
- dyn-refer-term
- Enable or disable
the
Oracle Communications Session Border Controller to terminate a SIP REFER and issue a new INVITE. If
the dyn-refer-term value is disabled (the default), proxy the REFER to the next
hop to complete REFER processing. If the dyn-refer-termvalue is enabled,
terminate the REFER and issue an new INVITE to the referred party to complete
REFER processing.
- Default: disabled
- Values: enabled | disabled
- codec-policy
- Select the codec policy you want to use for this realm
- codec-manip-in-realm
- Enable or disable
codec policy in this realm
- Default: disabled
- Values: enabled | disabled
- codec-manip-in-network
- Enable or disable
codec policy in this network.
- Default: enabled
- enabled | disabled
- constraint-name
- Enter the name of the constraint you want to use for this realm
- call-recording-server-id
- Enter the name of the call recording server associated with this realm
- session-recording-server
- Name of the session-recording-server or the session-recording-group in the realm associated with the session reporting client. Valid values are alpha-numeric characters. session recording groups are indicated by prepending the groupname with SRG:
- session-recording-required
- Determines whether
calls are accepted by the SBC if recording is not available.
- Default: disabled
- enabled—Restricts call sessions from being initiated when a recording server is not available.
- disabled—Allows call sessions to initiate even if the recording server is not available.
- xnq-state
-
set XNQ removal status within this realm
- Default: disabled
- Values: enabled | disabled
- hairpin-id
-
hairpin id.
- Default: 0
- Values: 1-65535 | 0= disabled
- manipulation-string
- Enter a string to be used in header manipulation rules for this realm.
- manipulation-pattern
- Enter the regular expression to be used in header manipulation rules for this realm.
- stun-enable
- Enable or disable
the STUN server support for this realm
- Default: disabled
- Values: enabled | disabled
- stun-server-ip
- Enter the IP
address for the primary STUN server port
- Default: 0.0.0.0
- stun-server-ip
- Enter the IP
address for the primary STUN server port
- Default: 0.0.0.0
- stun-server-port
- Enter the port to
use with the stun-server-ip for primary STUN server port
- Default: 3478
- Values: Min. 1025 | Max. 65535
- stun-changed-ip
- Enter the IP
address for the CHANGED-ADDRESS attribute in Binding Requests received on the
primary STUN server port; must be different from than the one defined for the
stun-server-ip
- Default: 0.0.0.0
- stun-changed-port
- Enter the port
combination to define the CHANGED-ADDRESS attribute in Binding Requests
received on the primary STUN server port
- Default: 3479
- Values: Min. 1025 | Max. 65535
- flow-time-limit
- Enter the total
time limit in seconds for the flow. The
Oracle Communications Session Border Controller notifies the signaling application when this time
limit is exceeded. This field is only applicable to dynamic flows. A value of 0
seconds disables this function and allows the flow to continue indefinitely.
- Default: -1, which allows the system to use the global timer settings for this realm.
- Values: Min: 0 / Max: 2147483647
- initial-guard-timer
- Enter the time in
seconds allowed to elapse before first packet of a flow arrives. If first
packet does not arrive within this time limit,
Oracle Communications Session Border Controller notifies the signaling application. This field is
only applicable to dynamic flows. A value of 0 seconds indicates that no flow
guard processing is required for the flow and disables this function.
- Default: -1, which allows the system to use the global timer settings for this realm.
- Values: Min: 0 / Max: 2147483647
- subsq-guard-timer
- Enter the maximum
time in seconds allowed to elapse between packets in a flow. The
Oracle Communications Session Border Controller notifies the signaling application if this timer is
exceeded. This field is only applicable to dynamic flows. A field value of zero
seconds means that no flow guard processing is required for the flow and
disables this function.
- Default: -1, which allows the system to use the global timer settings for this realm.
- Values: Min: 0 / Max: 2147483647
- tcp-flow-time-limit
- Enter the maximum
time in seconds that a media-over-TCP flow can last
- Default: -1, which allows the system to use the global timer settings for this realm.
- Values: Min: 0 / Max: 2147483647
- tcp-initial-guard-timer
- Enter the maximum
time in seconds allowed to elapse between the initial SYN packet and the next
packet in a media-over-TCP flow
- Default: -1, which allows the system to use the global timer settings for this realm.
- Values: Min: 0 / Max: 2147483647
- tcp-subsq-guard-timer
- Enter the maximum
time in seconds allowed to elapse between all subsequent sequential
media-over-TCP packets
- Default: -1, which allows the system to use the global timer settings for this realm.
- Values: Min: 0 / Max: 2147483647
- sip-profile
- Enter the name of the sip-profile to apply to this realm.
- sip-isup-profile
- Enter the name of the sip-isup-profile to apply to this realm.
- match-media-profiles
- Enter the media
profiles you would like applied to this realm in the form
<name>::<subname>
. See the Oracle Communications Session Border Controller Configuration Guide for information about wildcard values. - qos-constraints
- Enter the name value from the QoS constraints configuration you want to apply to this realm
- block-rtcp
-
Block RTCP from entering or leaving this realm.
- Default: disabled
- Values: enabled | disabled
- hide-egress-media-update
-
Hide changes to ingress RTP egressing into this realm
- Default: disabled
- Values: enabled | disabled
- subscription-id-type
- Sets the supported
Subscription ID Types and the subsequent values inserted into the
Subscription-Id-Data AVP's in an AAR message for Rx transactions.
- END_USER_NONE | END_USER_E164 | END_USER_SIP_URI | END_USER_IMSI
- tcp-media-profile
- A configured tcp-media-profile name to use within this realm. Used for MSRP.
- stun-server-port
- Enter the port to
use with the stun-server-ip for primary STUN server port
- Default: 3478
- Values: Min. 1025 | Max. 65535
- tcp-media-profile
- A configured tcp-media-profile name to use within this realm. Used for MSRP.
- monitoring-filters
- Comma-separated list of monitoring filters used for SIP monitor and trace.
- node-functionality
- Sets the value
inserted into the node-functionality AVP in Rf messages going into this realm.
- P-CSCF
- BGCF
- IBCF
- E-CSCF
- "" - This indicates that this realm should revert to the global node-functionality value.
- default-location-string
- Used for NPLI functionality.
- alt-realm-family
- The realm name of the alternate realm, from which to use an IP address in the other address family. If this parameter is within an IPv4 realm configuration, you will enter an IPv6 realm name.
- pref-addr-type
- Order in which the
a=altc: lines suggest
preference.
- Default: none
- Values: none | ipv4 | ipv6
- dns-max-response-size
- Enter the maximum
size of the DNS response to queries.
- Default: 0; disabled
- Value: 65535
- session-max-life-limit
- Enter the maximum
interval in seconds before the system must terminate long duration calls. This
value supercedes the value of
session-max-life-limit
in the
sip-interface and
sip-config
configuration elements and is itself superceded by the value of session-max-life-limit
in the
session-agent
configuration element.
- Default: 0; disabled
- Values: configurable number of seconds
- sm-icsi-match-for-invite
- The ICSI URN to match on to increment the session-based messaging
counters.
- Default: urn:rrn-7:3gpp-service.ims.icsi.oma.cpm.msg
- sm-icsi-match-for-message
- The ICSI URN to match on to increment the event-based messaging
counters.
- Default: urn:rrn-7:3gpp-service.ims.icsi.oma.cpm.largemsg
- ringback-file
- Specifies the name of the media file, stored previously in /code/media, that the system plays when triggered for this realm.
- ringback-trigger
- Specifies when the system triggers the local media playback
function.
- Default: disabled
- 180-force—Defines the trigger by which the system starts local media playback to caller. This parameter causes playback trigger whenever the called leg responds with a 180 message.
- 180-no-sdp—Defines the trigger by which the system starts local media playback to caller. This parameter causes playback trigger whenever the called leg responds with a 180 message that does not include SDP.
- teams-fqdn-uri
- Reserved for use with Microsoft Teams only.
Note:
This parameter uses the hostname configured under network-interface. - sdp-active-only
- Reserved for use with Microsoft Teams only.
Path
realm-config is an element under the media-manager path. The full path from the topmost ACLI prompt is:
Note:
This is a multiple instance configuration subelement.