1. Configuration Guide
  2. SIP Signaling Services
  3. SIP Interfaces

SIP Interfaces

This section explains how to configure a SIP interface. The SIP interface defines the transport addresses (IP address and port) upon which theOracle Communications Session Border Controller receives and sends SIP messages.

Overview

The SIP interface defines the signaling interface. You can define a SIP interface for each network or realm to which the Oracle Communications Session Border Controller is connected. SIP interfaces support both UDP and TCP transport, as well as multiple SIP ports (transport addresses). The SIP interface also lets Hosted NAT Traversal (HNT) be used in any realm.

The SIP interface configuration process involves configuring the following features:

  • address and transport protocols (SIP ports)
  • redirect action
  • proxy mode
  • trust mode

About SIP Ports

A SIP port defines the transport address and protocol the Oracle Communications Session Border Controller will use for a SIP interface for the realm. A SIP interface will have one or more SIP ports to define the IP address and port upon which the Oracle Communications Session Border Controller will send and receive messages. For TCP, it defines the address and port upon which the Oracle Communications Session Border Controller will listen for inbound TCP connections for a specific realm.

You need to define at least one SIP port, on which the SIP proxy will listen for connections. If using both UDP and TCP, you must configure more than one port. For example, if a call is sent to the Oracle Communications Session Border Controller using TCP, which it needs to send out as UDP, two SIP ports are needed.

Preferred SIP Port

When a SIP interface contains multiple SIP ports of the same transport protocol, a preferred SIP port for each transport protocol is selected for outgoing requests when the specific SIP port cannot be determined. When forwarding a request that matched a cached registration entry (HNT or normal registration caching), the SIP port upon which the original REGISTER message arrived is used. Otherwise, the preferred SIP port for the selected transport protocol is used. When selecting the preferred SIP port, the default SIP port of 5060 will be selected over other non-default ports.

For SIP interfaces using the SIP NAT function, the preferred SIP port address and port will take precedence over the external address of the SIP NAT when they do not match. If both TCP and UDP SIP ports are defined, the address and port of the preferred UDP port is used.

Proxy Mode

The Oracle Communications Session Border Controller’s proxy mode determines whether it forwards requests received on the SIP interface to target(s) selected from local policy; or sends a send a redirect response to the previous hop. Sending the redirect response causes the previous hop to contact the targets directly.

If the source of the request matches a session agent with a proxy mode already defined, that mode overrides the proxy mode defined in the SIP interface.

You can configure the proxy mode to use the Record-Route option. Requests for stateless and transaction operation modes are forwarded with a Record-Route header that has the Oracle Communications Session Border Controller’s addresses added. As a result, all subsequent requests are routed through the Oracle Communications Session Border Controller.

Redirect Action

The redirect action is the action the SIP proxy takes when it receives a SIP Redirect (3xx) response on the SIP interface. If the target of the request is a session agent with redirect action defined, its redirect action overrides the SIP interface’s.

You can set the Oracle Communications Session Border Controllerto perform a global redirect action in response to Redirect messages. Or you can retain the default behavior where the Oracle Communications Session Border Controller sends SIP Redirect responses back to the previous hop (proxy back to the UAC) when the UAS is not a session agent.

The default behavior of the Oracle Communications Session Border Controller is to recurse on SIP Redirect responses received from the user agent server (UAS) and send a new request to the Contact headers contained in the SIP Redirect response.

Instead of this default behavior, the Oracle Communications Session Border Controller can proxy the SIP Redirect response back to the user agent client (UAC) using the value in the session agent’s redirect action field (when the UAS is a session agent). If there are too many UASes to define as individual session agents or if the UASs are HNT endpoints, and SIP Redirect responses need to be proxied for UASs that are not session agents; you can set the default behavior at the SIP Interface level.

SIP maddr Resolution

Release S-C6.2.0 provides enhanced resolution of addresses found in SIP contact headers, or in the maddr (multicast address) parameter of SIP 3xx REDIRECT messages. Previous releases resolved these addresses as either a host address or as a session agent name. With Release 6.2.0 these addresses can also be resolved as session agent group (SAG) names.

Support for SAG-based resolution is provide by a new sip-config parameter, sag-lookup-on-redirect. By default, SAG lookup is disabled, providing compatibility with prior releases.

The following sample SIP REDIRECT and ACLI configuration fragment illustrate enhanced processing. 

Status-Line: SIP/2.0 302 Moved
Message Header
Via: SIP/2.0/UDP
192.168.200.224:5060;branch=z9hG4bKa0fs40009o90sc8oo780.1
From: <sip:1111@192.168.1.222:6000>;tag=1
To: sut <sip:2223@192.168.1.224:5060>;tag=11
Call-ID: 1-28515@192.168.1.222
CSeq: 1 INVITE
Contact: <sip:1111@192.168.1.223;maddr=test.acmepacket.com>
Privacy: user;id;critical;session
P-Preferred-Identity: sipp <sip:sipp@192.168.200.222:5060>
P-Asserted-Identity: abc.com
Subject: abc
Proxy-Require: privacy,prack,abc
Content-Length: 0

session-group
        group-name                     test.acmepacket.com
        description
        state                          enabled
        app-protocol                   SIP
        strategy                       Hunt
        dest
                                       192.168.200.222
                                       192.168.200.223
...
...

In this case, when the Oracle Communications Session Border Controller receives the 302, it resolves the information from maddr to a SAG name. In the above example, it will resolve to the configured SAG – test.acmepacket.com. The destinations configured in SAG test.acmepacket.com will be used to route the call.

SAG-based address resolution is based on the following set of processing rules.

  1. When the Contact URI does not have an maddr parameter, and the hostname is not an IP Address, the Oracle Communications Session Border Controller will look for a SAG matching the hostname.
  2. When the Contact URI has an maddr parameter that contains an IP address, the Oracle Communications Session Border Controller will not look for a SAG; it will use the IP Address as the target/next-hop.
  3. When the Contact URI has an maddr parameter that contains a non-IP-address value, the Oracle Communications Session Border Controller will look for a SAG matching the maddr parameter value.

    The above logic can be turned on by enabling sag-lookup-on-redirect in the sip-config object as shown below.

SIP maddr Resolution Configuration

To configure the Oracle Communications Session Border Controller to perform SAG-based maddr resolution:

  1. From superuser mode, use the following command sequence to access sip-config configuration mode. While in this mode, you configure SAG-based address resolution. 
    ORACLE# configure terminal
ORACLE(configure)# session-router
ORACLE(session-router)# sip-config
ORACLE(sip-config)#
  2. Use the sag-lookup-on-redirect parameter to enable SAG-based maddr resolution.
  3. Use done, exit, and verify-config to complete SAG-based address resolution.

Trust Mode

The Oracle Communications Session Border Controller supports the Calling Identity privacy requirements based on RFC 3323 and RFC 3325. The trust mode in the SIP interface determines whether the source and destination of a request is a trusted entity. With the implementation of this feature, the Oracle Communications Session Border Controller can understand and support the privacy headers and provide the capability for anonymous packets

The Oracle Communications Session Border Controller, which acts as a boundary device between the trusted platform and the untrusted Internet, understands the following headers:

  • Privacy Header
  • P-Asserted-Identity Header
  • P-Preferred-Identity Header

Depending on the value of these headers and the mode in which the Oracle Communications Session Border Controller is being operated (B2BUA or the proxy), the appropriate actions are performed.

About the Process

On receiving a message, the Oracle Communications Session Border Controller checks whether the message source is trusted or not. It checks the SIP interface’s trust mode value and, if the source is a session agent, the session agent’s trust me value. Depending on these values, the Oracle Communications Session Border Controller decides whether the request’s or response’s source is trusted. If it receives message from a trusted source and the message contains the P-Asserted-Identity header field, the Oracle Communications Session Border Controller passes this message to the outgoing side. The outgoing side then decides what needs to be done with this request or response.

If the request or the response is received from an untrusted source, the Privacy header value is id (privacy is requested), and the P-Asserted-Identity header field is included, the Oracle Communications Session Border Controller strips the Privacy and the P-Asserted-Identity headers and passes the request or the response to the outgoing side.

If the request or the response contains the P-Preferred-Identity header and the message source is untrusted, the Oracle Communications Session Border Controller strips the P-Preferred-Identity header from the request or the response and passes the message to the outgoing side.

If the source is trusted or privacy is not requested (the value of the Privacy Header is not id) and the request or the response contains the P-Preferred-Identity header, the Oracle Communications Session Border Controller performs the following actions:

  • inserts the P-Asserted-Identity header field with the value taken from the P-Preferred-Identity header field
  • deletes the P-Preferred-Identity header value
  • passes this request or the response to the Outgoing side for the appropriate action, depending on the whether the destination is trusted or not

After the Oracle Communications Session Border Controller passes the request or the response to the outgoing side, it checks whether the destination is trusted by checking the SIP interface’s trust mode value and the session agent’s trust me value (if the destination is configured as session agent).

  • The destination is trusted

    The Oracle Communications Session Border Controller does nothing with the request or the response and passes it to the destination. If the P_Asserted_Identity headers are present, they are passed to the session agent (if the destination is configured as session agent).

  • The destination is untrusted

    The Oracle Communications Session Border Controller looks at the value of the Privacy header. If set to id, the Oracle Communications Session Border Controller removes all the P-Asserted-Identity headers (if present). It strips the Proxy-Require header if it is set to privacy. The Oracle Communications Session Border Controller also sets the From field of SIP header to Anonymous and strips the Privacy header.

    If the Privacy header is set to none, the Oracle Communications Session Border Controller does not remove the P-Asserted-Identity header fields.

    If there is no Privacy header field, the SD will not remove the P-Asserted-Identity headers.

To implement this feature, you need to configure the session agent’s trust me parameter to enabled (if the message source is a session agent) and the SIP interface’s trust mode to the appropriate value.

Call Duration Counters

The Oracle Communications Session Border Controller maintains aggregate call duration in seconds for the current period, lifetime total and the lifetime-period-maximum. These counters are maintained for each session agent, realm, SIP Interface, and globally across the system. The call duration counter can count up to a 32 bit value, after which time it rolls over.

The call duration counters are displayed in the following show commands:
  • show sipd agents
  • show sipd realms
  • show sipd interface
  • show sipd status

Call Duration Calculation

Call duration is calculated as the time between (t1) when the SBC receives the 200OK for the INVITE from terminating endpoint, and (t2) the time when SBC receives the final 200OK for the BYE message from terminating endpoint, regardless of whether media is released. If the set-disconnect-time-on-bye parameter is enabled in the sip-config, then the call termination time (t2') is when the SBC receives the BYE message originally from the endpoint ending the call.

Figure 5-1 Call Duration Calculation Example - Ladder Diagram

Example ladder diagram showing times used for calculating call durations. Refer to previous paragraph for description of call flow, refer to next table for calculating call durations from various system perscpectives on the SBC.

Table 5-1 Call Duration Calculation Example - Results

Element Inbound Duration (sec) Outbound Duration (sec)
Session Agent: SA-1 t2 - t1 0
Session Agent: SA-2 0 t2 - t1
Realm: InRealm t2 - t1 0
Ream: OutRealm 0 t2 - t1
Interface: 1.1.1.1 t2 - t1 0
Interface: 2.2.2.2 0 t2 - t1

The global system call duration for the previous example is t2' - t1 seconds if the set-disconnect-time-on-bye parameter is enabled.

Configurable Timers and Counters

SIP timers and counters can be set in the global SIP configuration, and two can be specific for individual SIP interfaces.

You can set the expiration times for SIP messages, and you can set a counter that restricts the number of contacts that the Oracle Communications Session Border Controller tries when it receives a REDIRECT. These are similar to two parameters in the global SIP configuration, trans-expire and invite-expire. You can also set a parameter that defines how many contacts/routes the Oracle Communications Session Border Controller will attempt on redirect.

Timer to Tear Down Long Duration Calls

The Oracle Communications Session Border Controller currently provides the “flow-time-limit” timer to terminate long duration calls. However, this timer is reset whenever the Oracle Communications Session Border Controller receives a Re-INVITE or UPDATE message, even when it is provided for the session timer. This feature adds a non-resettable timer that, when enabled and upon expiration, tears down long duration calls.

When the “flow-time-limit” timer for terminating long media flow expires, the Oracle Communications Session Border Controller sends a SIP BYE or H323 Release Complete message to tear down the long call. However, this timer is reset whenever the SBC receives a Re-INVITE or UPDATE message. In most call scenarios, long duration calls are terminated with the expiration of this timer, but there are some cases where a call can stay connected for a longer duration. For example, if a user connects to an IVR service and does not hang up the phone receiver properly, there is no way for the network provider to free up the IVR resources if the user devices send session updating requests. To prevent this situation, this feature adds a new timer session-max-life-limit, which starts when the call or session is established and does not reset for any session update, keep-alive or SBC switchover. On expiry, the call is torn down if it’s in established state.

The new timer session-max-life-limit can be provisioned in the following configuration elements, in order of precedence from highest to lowest: session-agent, realm-config, sip-interface, and sip-config. Its range of values is {0-2073600} seconds with an additional special case value of “Unlimited”, which is treated as the highest possible value. The default value is 0 (no timer).

Difference between 0 and Unlimited

No timer is created when session-max-life-limit is configured to either the value 0 or “Unlimited”, so no timeout can occur. The difference between the two values is how they are handled when determining which value of session-max-life-limit to use when there are several specified within the various configuration elements. When a session is created the timer examines both the ingress side and the egress side and, in cases where both sides have a configured value for session-max-life-limit, uses the side with the lower (stricter) value. On each side, the SBC reviews the configuration elements relevant to the session and uses the value of session-max-life-limit from the configuration element with the highest precedence (session-agent, then realm-config, then sip-interface, and lastlysip-config). When the value is set to 0, the configuration element is ignored and the next configuration element in the precedence chain is looked at. A value between 1 and 2073600 (24 days) or the value “Unlimited” is treated as a valid configured value. In this case the SBC will not move onto the next element in the precedence chain and the value is used in the final comparison between the egress and ingress values. The value “Unlimited” is viewed as the highest possible value, and therefore is considered greater than any other value it is compared against. The value 0 is skipped over and completely ignored.

For example, on the ingress side the value of session-max-life-limit in realm-config is set to 86400 and the value of session-max-life-limit in session-agent is set to "Unlimited". The session-agent value has a higher precedence than the realm-config value so, therefore, the value “Unlimited” is used for the ingress side. On the egress side the value of session-max-life-limit in realm-config is set to 43200 and the value of session-max-life-limit in session-agent is set to 0 (no timer), so the value of session-max-life-limit in realm-config is used. When compared against the ingress side the value 43200 is less than “Unlimited”; therefore, the value set for the timer is 43200.

Timer to Tear Down Long Duration Calls Configuration

Use the following procedure to configure, in the session-agent, realm-config, sip-interface, and sip-config configuration elements, a non-resettable timer that, when enabled and upon expiration, tears down long duration calls.

Although the timer occurs in four separate configuration elements, for brevity only the procedure for configuring realm-config is shown as the general procedure does not vary for the other configuration elements.
For the realm-config configuration element:
  1. Access the realm-config configuration element. 
    ORACLE# configure terminal
ORACLE(configure)# media-manager
ORACLE(media-manager)# realm-config
ORACLE(realm-config)#
  2. Select the realm-config object to edit. 
    ORACLE(realm-config)# select
identifier:
1: realm01 left-left:0 0.0.0.0

selection: 1
ORACLE(realm-config)#
  3. session-max-life-limit — Enter the maximum interval in seconds before the SBC must terminate long duration calls. The value supercedes the value of session-max-life-limit in the sip-interface and sip-config configuration elements and is itself superceded by the value of session-max-life-limit in the session-agent configuration element. The default value is 0 (off/ignored).
  4. Type done to save your configuration.

Asymmetric Preconditions

This feature allows you to reserve network resources for a session before the called party is alerted by establishing preconditions for individual call legs. Currently, the Oracle Communications Session Border Controller transparently passes precondition attributes in SIP signaling and the UEs negotiate preconditions end to end. However, some networks support the SIP preconditions and other networks do not. To help provide precondition interworking between these networks, the Oracle Communications Session Border Controller supports SIP preconditions on a per call leg basis.

Some architectures require minimizing the chance of session establishment failure after alerting the called party. One source of failure is the inability to reserve network resources for a session, which can cause media clipping and "ghost rings". The solution is to allow preconditions to reserve network resources for the session before alerting the called party. A precondition is a set of constraints about the session which are introduced in the offer. The recipient of the offer generates an answer, but does not alert the user or otherwise proceed with session establishment until the preconditions are met. This can be known through a local event (such as a confirmation of a resource reservation), or through a new offer sent by the caller. The concept of preconditions is explained in RFC 3312, updated by RFC 4032, and also 3GPP TS 24.229.

The Oracle Communications Session Border Controller handles preconditions either leg by leg or transparently passes preconditions through in SDP based on the configuration. When leg by leg management is done, the SBC can behave as a UAS or a UAC. When behaving as a UAS, the SBC complies with 3GPP TS 24.229 Sections 5.1.4.1 and 6.1.3. When the parameter asymmetric-preconditions is enabled on the ingress interface and disabled for the egress interface at the SBC:
  • The SBC does not use preconditions when the received INVITE request does not include the precondition option tag in the Supported or Require header fields.
  • When the received INVITE request includes the precondition option tag in the Supported or Require header fields, the SBC uses the precondition mechanism and inserts a Require header field with the precondition option tag in any response including an SDP or subsequent request (also with SDP) that it sends to the originating UE during session establishment.
  • When the received INVITE request includes the 100rel and preconditions option tags and the SDP offer contains no precondition attributes, the equipment behaves as if the INVITE was received without an SDP. In this case the SBC just proxies the request and no preconditions interworking occurs.
  • When the received INVITE request includes the 100rel and preconditions option tags and there is no SDP (content) in the incoming INVITE, the SBC treats the INVITE as an offerless case and preconditions interworking occurs.
  • The SBC always has resources reserved, so the value of the SDP parameter direction-tag in the preconditions current attribute line will always be sendrecv for the SDP parameter status-type value local for the SBC.
When behaving as a UAC, the SBC complies with RFC 3312 and 3GPP TS 24.229 Sections 5.1.3.1 and 6.1.2. When the parameter asymmetric-preconditions is enabled on the egress interface and disabled for the ingress interface, upon generating an initial INVITE request using the precondition mechanism, the SBC indicates preconditions interworking by including the precondition option tag in the Supported header field and not in the Require header.
  • The SBC always has resources reserved, so the value of the SDP parameter direction-tag in the preconditions current attribute line will always be sendrecv for the SDP parameter status-type value local for the SBC.
  • If the UE answers with a request for confirmation of resources, the SBC resends the UPDATE with sendrecv on the local preconditions for the SBC. As the SBC always confirms the preconditions in the first response or in the request it sends towards the UE, there is no need for the UE to confirm resources on the SBC.

When appropriately configured, the Oracle Communications Session Border Controller inserts SDP into an outgoing INVITE when the corresponding incoming INVITE has none. Because no SDP information is available for the session, the Oracle Communications Session Border Controller uses a media profile from a previously configured list to determine the content to insert. You cannot enable asymmetric preconditions without first enabling PRACK interworking by setting the value of sip-interface, options to 100rel-interworking. The SBC does precondition interworking by creating SDP offers or answers before the actual ones have reached the UE; thus, transcoding policies are needed to cover the cases where different codecs are negotiated. However, in cases where different codecs are not expected, interworking works without defining codec policies. When codec policies are not defined and a final SDP answer comes with a different codec, the SBC will drop the call with 488 Not Acceptable.

To establish preconditions interworking, you must first enable it on the SIP interface with the parameter asymmetric-preconditions and then define when the initial offer will be sent to the endpoint that doesn’t support preconditions with the parameter asymmetric-preconditions-mode. When the value of asymmetric-preconditions-mode is send-with-nodelay, the SBC forwards the INVITE as soon as it is received; however, it strips the precondition option tag from the Require and Supported header fields and also removes the preconditions related SDP. This triggers preconditions interworking on the calling side of the SBC. Responses received from the called party are queued until resource reservation is complete on the calling side. When resource reservation is complete, all buffered responses from the called party are sent to the calling party (after, if necessary, removing the SDP as in PRACK interworking) and the call proceeds as normal. When the value of asymmetric-preconditions-mode is send-with-delay on the egress, the initial INVITE forwarded to the called party is held until preconditions are met by the calling party. For offerless 18x INVITEs, that is, when the incoming INVITE has no STP, the SBC inserts the SDP, as configured in the media profile names listed in add-sdp-profiles-in-msg, in the 18x (183) response towards the UE.

Asymmetric Preconditions Configuration Guidelines

Set the asymmetric-preconditions parameter to enabled on any sip-interface that connects to networks requiring preconditions support.

Note:

Offer-less scenarios do not use SDP attributes to denote the use of preconditions. All such messaging uses precondition tags.
Egress Ingress Notes
disabled disabled INVALID configuration

Proxy the request, no IWF

disabled enabled

If the INVITE has no precondition attributes, then proxy.

If the INVITE has precondition tags and attributes, trigger precondition IWF.

If, the egress interface has asymmetric-preconditions-mode set to send-with-no delay, the INVITE will be forwarded immediately as soon as SBC receives it.

If, the egress interface has asymmetric-preconditions-mode=send-with-delay, the INVITE will be held until preconditions are complete and SBC will forward it.

enabled disabled

If, Incoming INVITE has preconditions, then proxy, no IWF.

If, Incoming INVITE has no preconditions, insert precondition tags and SDP.

If response comes with precondition tag, then continue with IWF.

If response has no precondition option tags, no IWF - disable the functionality and proxy.

enabled enabled INVALID configuration

Proxy the request, no IWF

When an INVITE arrives with both precondition tags and precondition SDP attributes, the SBC behaves as listed below, sending the message with or without delay, based on the asymetric-preconditions-mode configuration on the outgoing interface.

  • The SBC performs preconditions-to-nonpreconditions interworking by stripping the precondition tags and attributes and forwarding when it is configured with:
    • Incoming interface:
      • 100rel-interworking option enabled
      • asymetric-preconditions parameter set to enabled
    • Outgoing interface:
      • asymetric-preconditions parameter set to disabled
  • The SBC proxies the request, and does not perform interworking when it is configured with:
    • Incoming interface:
      • 100rel-interworking option disabled
      • asymetric-preconditions parameter set to disabled
    • Outgoing interface:
      • 100rel-interworking option enabled
      • asymetric-preconditions parameter set to enabled
  • The SBC proxies the request, and does not perform interworking when it is configured with:
    • Incoming and outgoing interfaces have asymetric-preconditions enabled
    • Incoming and outgoing interfaces have asymetric-preconditions disabled

In situations when the INVITE arrives with no preconditions tags and no precondition SDP attributes, the SBC behaves as listed below.

  • The SBC proxies the request, and does not perform interworking when it is configured with:
    • Incoming interface:
      • 100rel-interworking option enabled
      • asymetric-preconditions parameter set to enabled
    • Outgoing interface:
      • asymetric-preconditions parameter set to disabled
  • The SBC performs nonpreconditions-to-preconditions interworking by inserting the precondition tags and attributes and forwarding when it is configured with:
    • Incoming interface:
      • 100rel-interworking option disabled
      • asymetric-preconditions parameter set to disabled
    • Outgoing interface:
      • 100rel-interworking option enabled
      • asymetric-preconditions parameter set to enabled
    The SBC proxies the request, and performs no interworking when it is configured with:
    • Incoming and outgoing interfaces have asymetric-preconditions enabled
    • Incoming and outgoing interfaces have asymetric-preconditions disabled

Transcoder Free Operation for Asymmetric Preconditions

You can configure the SBC to avoid using transcoding resources while supporting call flows with asymmetric preconditions. After establishing a call that includes transcoding, the SBC can trigger this Transcoder Free Operation (TrFO) feature if the asymmetric preconditions parameter is present in the caller's SDP and a compatible codec can still be identified. Having determined that the call can proceed without transcoding, the SBC originates a reINVITE towards the calling party containing the called side codec. Once the reINVITE is completed, the call can continue without transcoding. The negotiated codec on the called party side must have been included in the calling party's original offer (after ingress codec-policy execution).

When preconditions are enabled on either the caller or callee side and disabled on the other side, the SBC is able to trigger preconditions interworking. The SBC stores all the provisional and final responses from the callee until the preconditions are met. At this point in the call flow, the negotiated codec in the 200 OK may be different than that of the calling side triggering transcoding. To avoid this transcoding, you can configure the SBC to issue a re-INVITE to the caller after call establishment with a compatible codec on the called side. The SBC initiates this re-INVITE only if the following conditions are true:

  • Transcoding is induced by asymmetric preconditions
  • The negotiated codec on the called side is within the allowed codecs of the calling party's initial offer

To determine whether it can send out this re-INVITE, the SBC retains the codec list sent by the calling party, usually within the initial offer with all supported codecs. It also monitors the result of the ingress codec-policy for compatible codecs.

Important limitations to when the SBC can use TrFO with asymmetric preconditions include:

  • Although asymmetric preconditions are supported for either side of a call, the SBC only supports TrFO for the caller side. If asymmetric preconditions are applied on the called interface or on both the interfaces, thisTrFO feature does not work.
  • This feature does not apply to call flows with offerless INVITEs.
  • This feature does not apply to call flows with multiple-early dialog.
  • The TrFO for ringback and asymmetric preconditions features can conflict with each other. If there is a configuration wherein a session agent has ringback enabled, and TrFO for Asymmetric Preconditions is enabled on that session agent's realm, the configuration is invalid and, thisTrFO feature does not work.
  • The SBC does not fully support TrFO when you configure the feature-trfo parameter with both ringback and asymmetric-preconditions. If you configure both ringback and asymmetric-preconditions on the ingress and egress realms, such that the system is expected to perform both functions simultaneously on opposite ends of a call, the TrFO would be applicable only to one of the features.

Configuration

This functionality requires that you configure the EVS WB media profile. In addition, you must configure the initial INVITE ingress realm with the feature-trfo parameter using the syntax below. 

ORACLE(realm-config)# feature-trfo asymmetric-preconditions

Under the conditions described in this section, this configuration allows the SBC to force SDP re-negotiation and prevents the call from requiring transcoding.

As mentioned above, although you can configure the feature-trfo parameter with multiple parameters, the SBC only acts on one of those parameters at any give time. Under the condition where more than one parameter applies, the SBC refers to your configuration's parameter order to determine which function to perform:

  • If the configuration order appear with ringback first, the SBC applie TrFO for ringback. (feature-trfo : ringback,asymmetric preconditions).
  • If the configuration order appear with asymmetric preconditions first, the SBC applie TrFO for asymmetric preconditions. (feature-trfo : asymmetric preconditions, ringback).
TrFO Statistics for Asymmetric Preconditions

The show sipd preconditions-trfo command shows Asymmetric Preconditions TrFO statistics:

  • Initiated: number of initiated TRFO reINVITE transactions
  • Success: number of successfully completed TRFO reINVITE transactions
  • Failure: number of failed TRFO reINVITE transactions (either error returned or timed out)
ORACLE# show sipd preconditions-trfo 
 Asymmetric Preconditions TrFO statistics (2011-09-24 12:03:37.051)
             ---- Lifetime ----
            Recent Total PerMax
 Initiated    0      3      2 
 Success      0      3      2 
 Failure      0      0      0

You can reset this data back to zero using the reset sipd command.

Asymmetric Preconditions and EVS using Super Wide-band

The SBC supports transcoding the EVS codec, but not when the bandwidth presented is SWB, NB-SWB, or WB-SWB. When presented with these within asymmetric preconditions call flows, the SBC performs an "internal transcode" using the EVS WB instead of the EVS-SWB codec. This works because a UE that supports EVS-SWB also supports EVS-WB. The SBC performs this function for asymmetric preconditions call flows only.

To support EVS-SWB for within an asymmetric precondition call flow, the SBC monitors initial INVITEs for the EVS codec with SWB in the offer/answer SDP. If present, the system maps the bandwidth parameter from SWB to WB/NB and updates the media flows. Once media flows are updated, and before sending out the request/response, the SBC uses the original offer to compare and revert the bandwidth parameter back to support the caller or callee.

The SBC performs this mapping when triggered by the caller or callee. This could be the initial INVITE from the caller as well as the 200 OK from the callee. Internally, the SBC maps these to evs-wb and, before sending out the request or response, replaces them with evs-swb, in accordance with the stored offer.

Supported methods include INVITE, UPDATE and PRACK within the context of asymmetric preconditions call flow. The system maps EVS-SWB bandwidth as follows:

  • bw=nb-swb mapped to bw=nb-wb
  • bw=wb-swb mapped to bw=wb
  • bw=swb mapped to bw=wb

You configure this behavior with the following, in addition to the TrFo configuration.

ORACLE(sip-config)# asymm-preconditions-evs-swb-support enabled

Important considerations while deploying this feature include:

  • The SBC does not support EVS-SWB within codec policy, because it does not encode EVS-SWB packets.
  • If the environment changes the codec's payload type before forwarding the request, the SBC still tries to negotiate using wideband bandwidth. This is because , while reverting the bw parameter, the SBC continues to use the original SDP, performing the inherent operation by referring to the payload type.
  • If and end-station issues EVS-SWB within a re-INVITE, such as when the caller rejects the TrFO re-INVITE, the SBC does not perform this mapping function. The SBC only negotiates preconditions before the call is established, and clears them after it receives the final response for the INVITE.
Call Flows for Asymmetric Preconditions TrFo

The image below depicts the SBC performing TrFo with asymmetric preconditions, wherein the egress mode is send-with-nodelay.

  1. The UAC issues an invite with SDP that offers EVS, AMR-WB and AMR.
  2. The SBC, supporting asymmetric preconditions, forwards this list to the UAS, per SBC configuration. Note the use of thesend-with-nodelay mode causes the SBC to immediately send the INVITE.
  3. The SBC proceeds with confirming preconditions with the UAC.
  4. In the meantime, the UAS proceeds with agreeing to the call using AMR.
  5. The UAC and SBC confirm the call with transcoding.
  6. Immediately after confirming the call, the SBC triggers its TrFO function, changing the agreed upon codec to AMR with the UAC.
  7. The call proceeds without transcoding (TrFo).
This image depicts the SBC performing a simple TrFo process for a call flow with asymmetric preconditions.

The image below depicts the SBC performing TrFo with asymmetric preconditions and PRACK interworking, wherein the egress mode is send-with-nodelay.

  1. The UAC issues an invite with SDP that offers AMR and G729.
  2. The SBC, supporting asymmetric preconditions, forwards this list to the UAS, per SBC configuration. Note the use of the send-with-nodelay mode causes the SBC to immediately send the INVITE.
  3. The SBC proceeds with confirming preconditions with the UAC. This process specifies AMR as the codec agreed upon by the UAC and the SBC.
  4. In the meantime, the UAS proceeds with agreeing to the call using G729.
  5. The UAC and SBC confirm the call with transcoding.
  6. Immediately after confirming the call, the SBC triggers its TrFO function, changing the agreed upon codec to G729 with the UAC.
  7. The call proceeds without transcoding (TrFo).
This image depicts the SBC performing a simple TrFo process for a call flow with asymmetric preconditions.

The image below depicts the SBC performing TrFo with asymmetric preconditions, wherein the egress mode is send-with-delay.

  1. The UAC issues an invite with SDP that offers AMR and G729.
  2. The SBC, supporting asymmetric preconditions, forwards this list to the UAS, per SBC configuration. Note the use of the send-with-delay mode causes the SBC to hold the INVITE.
  3. The SBC proceeds with confirming preconditions with the UAC. This process specifies G729 as the codec agreed upon by the UAC and the SBC.
  4. After establishing preconditions and agreeing the G729 with the UAC, the SBC forwards the INVITE.
  5. The UAS proceeds with agreeing to the call using AMR.
  6. The UAC and SBC confirm the call with transcoding.
  7. Immediately after confirming the call, the SBC triggers its TrFO function, changing the agreed upon codec to AMR with the UAC.
  8. The call proceeds without transcoding (TrFo).
This image depicts the SBC performing a simple TrFo process for a call flow with asymmetric preconditions.

The image below depicts the SBC performing a simple TrFo process for a call flow with asymmetric preconditions. In addition, you have enabled the asymm-preconditions-evs-swb-support parameter in the sip-config.

  1. The UAC issues an invite with SDP that offers EVS-SWB and AMR. The SBC, supporting asymmetric preconditions, forwards to the UAS adding AMR-WB to the offered list, per SBC configuration.
  2. The UAS continues with the call while the SBC exchanges an UPDATE with the UAC.
  3. As the UAS proceeds with accepting the call using AMR, the SBC reverts from EVS-SWB to EVS-WB and proceeds with the call using transcoding. Note the enabled asymm-preconditions-evs-swb-support parameter allows the SBC to use EVS wideband instead of super-wideband without transcoding.
  4. The SBC recognizes AMS as an option and issues a re-INVITE, as described, the establish the leg using AMR.
  5. Once the leg is confirmed for AMR, the call proceeds without transcoding (TrFo).
This image depicts the OCSBC performing TrFo for a call flow with asymmetric preconditions.

SIP Interface Configuration

To configure a SIP interface:

  1. In Superuser mode, type configure terminal and press Enter. 
    ORACLE# configure terminal
  2. Type session-router and press Enter to access the system-level configuration elements. 
    ORACLE(configure)# session-router
  3. Type sip-interface and press Enter. The system prompt changes to let you know that you can begin configuring individual parameters. 
    ORACLE(session-router)# sip-interface
ORACLE(sip-interface)#

    From this point, you can configure SIP interface parameters. To view all sip-interface parameters, enter a ? at the system prompt.

  4. state—Enable or disable the SIP interface. The default is enabled. The valid values are:

    • enabled | disabled

      Note:

      Oracle does not recommend disabling and re-enabling a sip-interface operating with TCP ports. Depending on conditions and circumstances, you may not be able to re-enable this sip-interface without rebooting the system. If you need to disable, then re-enable a sip-interface, ensure that:
      • There are no ESTABLISHED in-bound sockets
      • The access-control-trust-level of the realm must not be configured to low or medium
  5. realm-id—Enter the name of the realm to which the SIP interface is connected.
  6. sip-ports—Access the sip-ports subelement.
  7. carriers—Enter the list of carriers related to the SIP interface.

    Entries in this field can be from 1 to 24 characters in length and can consist of any alphabetical character (Aa-Zz), numerical character (0-9), or punctuation mark (! ”$ % ^ & * ( ) + - = < > ? ‘ | { } [ ] @ / \ ‘ ~ , . _ : ; ) or any combination of alphabetical characters, numerical characters, or punctuation marks. For example, both 1-0288 and acme_carrier are valid carrier field formats

  8. proxy-mode—Enter an option for the proxy mode parameter. Valid values are:

    • Proxy—Forward all SIP requests to selected targets.

    • Redirect—Send a SIP 3xx redirect response with the selected target(s) in the Contact header.

    • Record-Route—Forward requests to selected target(s) and insert a Record-Route header with the SBC’s address. For stateless and transaction mode only.

  9. redirect-action—Enter the value for the redirect action. Valid values are:

    • Proxy—Send the SIP request back to the previous hop.

    • Recurse—Recurses on the Contacts in the response.

      The designated proxy action will apply to SIP 3xx responses received from non-session agents and to 3xx responses received from session agents without configured SIP Redirect message actions (for example, session agents without values for the redirect action field).

    • Recurse-305-only—Recurses on the Contacts only in a 305 response.
  10. contact-mode—Set the Contact header routing mode, which determines how the contact address from a private network is formatted.

    For example, whether a maddr parameter equal to the Oracle Communications Session Border Controller’s SIP proxy needs to be added to a URI present in a Contact header.

    The default is none. The valid values are:

    • none—The address portion of the header becomes the public address of that private realm.

    • maddr—The address portion of the header will be set to the IP address of the Oracle Communications Session Border Controller’s B2BUA.

    • strict—The contents of the Request-URI is destroyed when a Record-Route header is present.

    • loose—The Record-Route header is included in a Request, which means the destination of the request is separated from the set of proxies that need to be visited along the way.

  11. nat-traversal—Define the type of HNT enabled for SIP. The default is none. Valid values are:

    • none—HNT function is disabled for SIP.

    • rport—SIP HNT function only applies to endpoints that include the rport parameter in the Via header. HNT applies when the sent-by of the topmost VIA matches the Contact-URI host address, both of which must be different from the received Layer 3 address.

    • always—SIP HNT applies to requests when the sent-by of the topmost VIA matches the Contact-URI host address, both of which must be different from the received Layer 3 address. (Even when the rport parameter is not present.)

  12. nat-interval—Set the expiration time in seconds for the Oracle Communications Session Border Controller’s cached registration entry for an HNT endpoint. The default is 30. The valid range is:

    • Minimum—0

    • Maximum—4294967295

      Oracle recommends setting the NAT interval to one-third of the NAT binding lifetime. A NAT binding lifetime is the network connection inactivity timeout. The value is configured (or hardwired) in the NAT device (firewall). This timer is used to cause the UA to send REGISTER messages frequently enough to retain the port binding in the NAT. Retaining the binding lets inbound requests to be sent through the NAT.

  13. tcp-nat-interval—Set the registration cache expiration time in seconds to use for endpoints behind a NAT device that register using TCP. On upgrade, the Oracle Communications Session Border Controller assigns this parameter the same value as the existing NAT interval. The default is 90. The valid range is:

    • Minimum—0

    • Maximum—999999999

      The Oracle Communications Session Border Controller uses the value you set for the TCP NAT interval as the expiration value passed back in SIP REGISTER (200 OK) responses to endpoints behind a NAT that register over TCP. The NAT interval value with which you are familiar from previous releases is used for endpoints behind a NAT that register over UDP. Requiring endpoints that register over TCP to send refresh requests as frequently as those registering over UDP puts unnecessary load on the Oracle Communications Session Border Controller. By adding a separate configuration for the TCP NAT interval, the load is reduced.

      For upgrade and backward compatibility with Oracle Communications Session Border Controller releases prior to Release 4.1, when the tcpNatInterval is not present in the XML for a SIP interface configuration, the value of the NAT interval (natInterval) is used for the TCP NAT interval as well.

  14. registration-caching—Enable for use with all UAs, not just those that are behind NATs. The default is disabled. The valid values are:

    • enabled | disabled

      If enabled, the Oracle Communications Session Border Controller caches the Contact header in the UA’s REGISTER request when it is addressed to one of the following:

    • Oracle Communications Session Border Controller

    • registrar domain value

    • registrar host value

      The Oracle Communications Session Border Controller then generates a Contact header with the Oracle Communications Session Border Controller’s address as the host part of the URI and sends the REGISTER to the destination defined by the registrar host value.

      Whether or not SIP HNT functionality is enabled affects the value of the user part of the URI sent in the Contact header:

    • HNT enabled: the Oracle Communications Session Border Controller takes the user part of the URI in the From header of the request and appends a cookie to make the user unique. A cookie is information that the server stores on the client side of a client-server communication so that the information can be used in the future.

    • HNT disabled: the user part of the Contact header is taken from the URI in the From header and no cookie is appended. This is the default behavior of the Oracle Communications Session Border Controller.

      When the registrar receives a request that matches the address-of-record (the To header in the REGISTER message), it sends the matching request to the Oracle Communications Session Border Controller, which is the Contact address. Then, the Oracle Communications Session Border Controller forwards the request to the Contact-URI it cached from the original REGISTER message.

  15. min-reg-expire—Set the time in seconds for the SIP interface. The value you enter here sets the minimum registration expiration time in seconds for HNT registration caching. The default is 300. The valid range is:

    • Minimum—0

    • Maximum—999999999

      This value defines the minimum expiration value the Oracle Communications Session Border Controller places in each REGISTER message it sends to the real registrar. In HNT, the Oracle Communications Session Border Controller caches the registration after receiving a response from the real registrar and sets the expiration time to the NAT interval value.

      Some UAs might change the registration expiration value they use in subsequent requests to the value specified in this field. This change causes the Oracle Communications Session Border Controller to send frequent registrations on to the real registrar.

  16. registration-interval—Set the Oracle Communications Session Border Controller’s cached registration entry interval for a non-HNT endpoint. Enter the expiration time in seconds that you want the Oracle Communications Session Border Controller to use in the REGISTER response message sent back to the UA. The UA then refreshes its registration by sending another REGISTER message before that time expires. The default is 3600. The valid range is:

    • Minimum—0

      A registration interval of zero causes the Oracle Communications Session Border Controller to pass back the expiration time set by and returned in the registration response from the registrar.

    • Maximum—999999999

      If the expiration time you set is less than the expiration time set by and returned from the real registrar, the Oracle Communications Session Border Controller responds to the refresh request directly rather than forwarding it to the registrar.

      Although the registration interval applies to non-HNT registration cache entries, and the loosely related NAT interval applies to HNT registration cache entries, you can use the two in combination. Using a combination of the two means you can implement HNT and non-HNT architectures on the same Oracle Communications Session Border Controller. You can then define a longer interval time in the registration interval field to reduce the network traffic and load caused by excess REGISTER messages because there is no NAT binding to maintain.

  17. route-to-registrar—Enable routing to the registrar to send all requests that match a cached registration to the destination defined for the registrar host; used when the Request-URI matches the registrar host value or the registrar domain value, not the Oracle Communications Session Border Controller’s address. Because the registrar host is the real registrar, it should send the requests back to the Oracle Communications Session Border Controller with the Oracle Communications Session Border Controller’s address in the Request-URI. The default is disabled. The valid values are:

    • enabled | disabled

      For example, you should enable routing to the registrar if your network uses a N Oracle Communications Session Border Controller and needs requests to go through its service proxy, which is defined in the registrar host field.

  18. teluri-scheme—Enable to convert SIP URIs to tel (resources identified by telephone numbers) URIs.

    If enabled, the requests generated on this SIP interface by the Oracle Communications Session Border Controller will have a tel URI scheme instead of the SIP URI scheme. Only the Request, From, and To URIs are changed to the tel scheme. After the dialog is established, the URIs are not changed. The default is disabled. The valid values are:

    • enabled | disabled

  19. uri-fqdn-domain—Change the host part of the URIs to the FQDN value set here. If set to enabled, and used with an FQDN domain/host, the requests generated by the Oracle Communications Session Border Controller on this SIP interface will have the host part of the URI set to this FQDN value. Only the Request, To, and From URIs are changed. After the dialog is established, the URIs are not changed.
  20. trust-mode—Set the trust mode for the SIP interface, which is checked by the Oracle Communications Session Border Controller when it receives a message to determine whether the message source is trusted. The default is all. Available options are:

    • all—Trust all SIP elements (sources and destinations) in the realm(s), except untrusted session agents. Untrusted session agents are those that have the trust-me parameter set to disabled.

    • agents-only—Trust only trusted session agents. Trusted session agents are those that have the trust-me parameter set to enabled.

    • realm-prefix—Trust only trusted session agents, and source and destination IP addresses that match the IP interface’s realm (or subrealm) address prefix. Only realms with non-zero address prefixes are considered.

    • registered—Trust only trusted session agents and registered endpoints. Registered endpoints are those with an entry in the Oracle Communications Session Border Controller’s registration cache.

    • none—Trust nothing.

      Session agents must have one or more of the following:

    • global realm

    • same realm as the SIP interface

    • realm that is a subrealm of the SIP interface’s realm

  21. trans-expire—Set the TTL expiration timer in seconds for SIP transactions. This timer controls the following timers specified in RFC 3261:

    • Timer B—SIP INVITE transaction timeout

    • Timer F—non-INVITE transaction timeout

    • Timer H—Wait time for ACK receipt

    • Timer TEE—Used to transmit final responses before receiving an ACK

      The default is 0. If you leave this parameter set to the default, then the Oracle Communications Session Border Controller uses the timer value from the global SIP configuration. The valid range is:

    • Minimum—0

    • Maximum—999999999

  22. invite-expire—Set the TTL expiration timer in seconds for a SIP client/server transaction after receiving a provisional response.

    You set this timer for the client and the sever by configuring it on the SIP interface corresponding to the core or access side.

    The default is 0. If you leave this parameter set to the default, then the Oracle Communications Session Border Controller uses the timer value from the global SIP configuration. The valid range is:

    • Minimum—0

    • Maximum—999999999

  23. max-redirect-contacts—Set the maximum number of contacts or routes for the Oracle Communications Session Border Controller to attempt in when it receives a SIP Redirect (3xx Response). The default is 0. If you leave this parameter set to the default, then the Oracle Communications Session Border Controllerwill exercise no restrictions on the number of contacts or routes. The valid range is:

    • Minimum—0

    • Maximum—10

  24. response-map—Enter the name of the SIP response map configuration that you want to apply to this SIP interfaces for outgoing responses. This parameter is blank by default.
  25. local-response-map—Enter the name of the SIP response map configuration that you want to apply to this SIP interfaces for locally-generated SIP responses. This parameter is blank by default.
  26. options—Optional.

Configuring SIP Ports

To configure SIP ports:

  1. From sip-interface, type sip-ports and press Enter. The system prompt changes to let you know that you can begin configuring individual parameters. 
    ORACLE(sip-interface)# sip-ports
ORACLE(sip-port)#
  2. address—Enter the IP address of the host associated with the sip-port entry on which to listen. For example: 
    192.168.11.101
  3. port—Enter the port number you want to use for this sip-port. The default is 5060. The valid range is:

    • Minimum—1025

    • Maximum—65535

  4. transport-protocol—Indicate the transport protocol you want to associate with the SIP port. The default is UDP. The valid values are:

    • TCP—Provides a reliable stream delivery and virtual connection service to applications through the use of sequenced acknowledgment with the retransmission of packets when necessary.

    • UDP—Provides a simple message service for transaction-oriented services. Each UDP header carries both a source port identifier and destination port identifier, allowing high-level protocols to target specific applications and services among hosts.

    • TLS—See the Security chapter for more information about configuring TLS.

  5. allow-anonymous—Define the allow anonymous criteria for accepting and processing a SIP request from another SIP element.

    The anonymous connection mode criteria includes admission control based on whether an endpoint has successfully registered. Requests from an existing SIP dialog are always accepted and processed. The default is all.

    The following table lists the available options.

    • all—All requests from any SIP element are allowed.

    • agents-only—Only requests from configured session agents are allowed. The session agent must fit one of the following criteria:

      • Have a global realm.
      • Have the same realm as the SIP interface
      • Be a sub-realm of the SIP interface’s realm.

        When an agent that is not configured on the system sends an INVITE to a SIP interface, the Oracle Communications Session Border Controller:

      • Refuses the connection in the case of TCP.
      • Responds with a 403 Forbidden in the case of UDP.

    • realm-prefix—The source IP address of the request must fall within the realm’s address prefix or a SIP interface sub-realm. A sub-realm is a realm that falls within a realm-group tree. The sub-realm is a child (or grandchild, and so on) of the SIP interface realm.

      Only realms with non-zero address prefixes are considered. Requests from session agents (as described in the agents-only option) are also allowed.

    • registered—Only requests from user agents that have an entry in the registration cache (regular or HNT) are allowed; with the exception of a REGISTER request. A REGISTER request is allowed from any user agent.

      The registration cache entry is only added if the REGISTER is successful. Requests from configured session agents (as described in the agents-only option) are also allowed.

    • register-prefix—Only requests from user agents that have an entry in the Registration Cache (regular or HNT) are allowed; with the exception of a REGISTER request. A REGISTER request is allowed only when the source IP address of the request falls within the realm address-prefix or a SIP interface sub-realm. Only realms with non-zero address prefixes are considered.

      The Registration Cache entry is only added if the REGISTER is successful. Requests from configured session agents (as described in the agents-only option) are also allowed.

Asymmetric Preconditions Configuration

  1. Access the sip-interface configuration element. 
    ORACLE# configure terminal
ORACLE(configure)# session-router
ORACLE(session-router)# sip-interface
ORACLE(sip-interface)#
  2. Select the sip-interface object to edit. 
    ORACLE(sip-interface)# select
<RealmID>:
1: realm01 172.172.30.31:5060

selection: 1
ORACLE(sip-interface)#
  3. asymmetric-preconditions — identifies whether to enable preconditions interworking on the interface. Allowable values are enabled and disabled. The default is disabled. You cannot enable asymmetric preconditions unless you have first set the value of sip-interface, options to 100rel-interworking.
  4. asymmetric-preconditions-mode — identifies, when the value of asymmetric-preconditions is enabled, whether to send egress INVITEs immediately or to delay them until preconditions have been met. Allowable values are send-with-delay and send-with-nodelay. The value send-with-delay delays INVITEs on the egress interface until preconditions are met on the ingress interface. The value send-with-nodelay forwards INVITEs to the egress interface immediately, but holds the responses until preconditions are met on the ingress interface. The default is send-with-nodelay.
  5. add-sdp-in-msg — identifies the messages in which to insert SDP offers or answers. The only allowable value is 18xresp which, for an offerless INVITE that needs preconditions, causes the SBC to insert the SDP, as configured in the media profile names listed in add-sdp-profiles-in-msg, in the 18x (183) response towards the UE. The default is null (no value).
  6. add-sdp-profiles-in-msg — identifies a list of media profiles that contain, based on the codec, the SDP to insert in the 18x response when add-sdp-in-msg is configured. The default is null (no value).
  7. Type done to save your configuration.