1. ACLI Reference Guide
  2. ACLI Configuration Elements A-M
  3. media-manager-config

media-manager-config

This media-manager-config element defines parameters used in the media steering functions performed by the SBC including the flow timers.

Parameters

state
Enable or disable media management functionality
  • Default: enabled
  • Values: enabled | disabled

    Note:

    This parameter is not RTC supported.
latching
Enable or disable the SBC obtaining the source of the first packet received for a dynamic flow. This parameter is only applicable to dynamic flows. If packet source is unresolved, but SBC expects a packet, it will use newly arrived packet’s source address if latching is enabled. All subsequent packets for the dynamic flow must come from the “latched” source address; otherwise, the packets are dropped.
  • Default: enabled
  • Values: enabled | disabled
flow-time-limit
Enter the total time limit in seconds for the flow. The SBC notifies the signaling application when this time limit is exceeded. This field is only applicable to dynamic flows. A value of 0 seconds disables this function and allows the flow to continue indefinitely.
  • Default: 86400
  • Values: Min: 0 / Max: 999999999
initial-guard-timer
Enter the time in seconds allowed to elapse before first packet of a flow arrives. If first packet does not arrive within this time limit, SBC notifies the signaling application. This field is only applicable to dynamic flows. A value of 0 seconds indicates that no flow guard processing is required for the flow and disables this function.
  • Default: 300
  • Values: Min: 0 / Max: 999999999
subsq-guard-timer
Enter the maximum time in seconds allowed to elapse between packets in a flow. The SBC notifies the signaling application if this timer is exceeded. This field is only applicable to dynamic flows. A field value of zero seconds means that no flow guard processing is required for the flow and disables this function.
  • Default: 300
  • Values: Min: 0 / Max: 999999999
tcp-flow-time-limit
Enter the maximum time in seconds that a media-over-TCP flow can last
  • Default: 86400
  • Values: Min: 0 / Max: 999999999
tcp-initial-guard-timer
Enter the maximum time in seconds allowed to elapse between the initial SYN packet and the next packet in a media-over-TCP flow
  • Default: 300
  • Values: Min: 0 / Max: 999999999
tcp-subsq-guard-timer
Enter the maximum time in seconds allowed to elapse between all subsequent sequential media-over-TCP packets
  • Default: 300
  • Values: Min: 0 / Max: 999999999
tcp-number-of-ports-per-flow
Enter the number of ports, inclusive of the server port, to use for media over TCP. The total number of supported flows is this value minus one.
  • Default: 2
  • Values: Min: 2 / Max: 5
hnt-rtcp
Enable or disable support of RTCP when the SBC performs HNT. If disabled, the SBC will only do RTP for endpoints behind a NAT. If enabled, the SBC will add a separate CAM entry for the RTCP flow so that it can send the RTCP back to the endpoint behind the NAT.
  • Default: disabled
  • Values: enabled | disabled
algd-log-level
Select the log level for the appropriate process
  • Default: notice
  • Values:
    • emergency
    • critical
    • major
    • minor
    • warning
    • notice
    • info
    • trace
    • debug
    • detail
mbcd-log-level
Select the log level for the MBCD process
  • Default: notice
  • Values:
    • notice
    • emergency
    • critical
    • major
    • minor
    • warning
    • notice
    • info
    • trace
    • debug
    • detail
red-flow-port
Enter the number of the port for checkpointing media flows associated with the HA interface. Setting the red-flow-port value to 0 disables media flow HA.
  • Default: 1985
  • Values: Min: 1025 / Max: 65535

    Note:

    This parameter is not RTC supported.
red-mgcp-port
Enter the number of the port on which the system listens for redundancy mgcp sync messages. Setting the red-mgcp-port value to 0 disables MGCP flow HA.
  • Default: 1986
  • Values: 0 is disabled - Min: 1025 / Max: 65535
red-max-trans

Enter the maximum number of redundancy sync transactions to keep on active.

Default: 10000

  • Default: 10000
  • Min: 0 / Max: 50000
red-sync-start-time

Timeout in milleseconds that the system uses to check the transition from standby to active. After this interval starts sending redundancy sync requests.

  • Default: 5000
  • Min: 0 / Max: 4294967295
red-sync-comp-time

Timeout in milleseconds that the system waits after a redundancy sync has finished before it issues subsequent sync requests.

  • Default: 1000
  • Min: 0 / Max: 4294967295
media-policing
Enable or disable the media policing feature
  • Default: enabled
  • Values: enabled | disabled
max-arp-rate
Specifies the maximum percentage of bandwidth the system may use for ARP traffic.
  • Default: 10
  • Min: 0 / Max: 100
max-untrusted-signaling
Specifies the maximum percentage of signaling bandwidth the system can use for untrusted hosts.
  • Default: 100
  • Min: 0 / Max: 100
min-untrusted-signaling
Specifies the minimum percentage of signaling bandwidth the system can use for untrusted hosts.
  • Default: 30
  • Min: 0 / Max: 100
max-signaling-bandwidth
Enter the maximum signaling bandwidth allowed to the host-path in bytes per second
  • On the AP3820, AP4500, and AP4600:
    • Default: 1000000
    • Values: Min: 71000 / Max: 10000000
  • On the AP6300:
    • Default: 4000000
    • Values: Min: 71000 / Max: 40000000
app-signaling-bandwidth
Select the percentage of the untrusted bandwidth reserved for specific application messages. Currently the only supported application message is NCS.
  • Default: 0
  • Values: Min: 1 / Max: 100
tolerance-window
Enter the tolerance window size in seconds used to measure host access limits.
  • Default: 30
  • Values: Min: 0 / Max: 999999999
untrusted-drop-threshold

Percent drop count threshold for untrusted hosts at which the system generates an alarm.

  • Default: 0 (Disabled)
  • Values: Min: 0 / Max: 100
trusted-drop-threshold

Percent drop count threshold for trusted and dynamic trusted hosts at which the system generates an alarm and, assuming associated configuration, an SNMP trap.

  • Default: 0 (Disabled)
  • Values: Min: 0 / Max: 100
acl-monitor-window

The time window, after which the system resets its ACL drop counters, and generates a trap if trusted or untrusted ACLs have exceeded their configured drop threshold.

  • Default: 30
  • Values: Min: 5 / Max: 3600 seconds

Note:

This parameter is not real-time configurable. Reboot after setting this parameter.
trap-on-demote-to-deny
Enable or disable the SBC to send a trap in the event of an endpoint demption from untrusted to deny.
  • Default disabled
  • Values enabled | disabled
trap-on-demote-to-untrusted
Enable for the SBC to send a trap in the event of an endpoint demption from trusted to untrusted.
  • Default: disabled
  • Values: enabled | disabled
syslog-on-demote-to-deny
Enable or disable the SBC to send a message to the syslog when an endpoint is demoted from untrusted to deny.
  • Default: disabled
  • Values: enabled | disabled
syslog-on-demote-to-untrusted
Enable or disable the SBC to send a message to the syslog when an endpoint is demoted from trusted to untrusted.
  • Default: disabled
  • Values: enabled | disabled
rtcp-rate-limit
Enter the maximum speed in bytes per second for RTCP traffic
  • Default: 0
  • Values: Min: 0 | Max: 125000000
syslog-on-call-reject
Enables generation of a syslog message in response to the rejection of a SIP call.
  • Default: disabled
  • Values: enabled | disabled
anonymous-sdp
Enable or disable username and session name fields anonymous in SDP
  • Default: disabled
  • Values: enabled | disabled
arp-msg-bandwidth
Enter the maximum bandwidth that can be used by an ARP message
  • Default: 32000
  • Values: Min: 8192 | Max: 200000
fragment-msg-bandwidth

(Only available on the Acme Packet 3820 and Acme Packet 4500)

Enter the maximum bandwidth that can be used by IP fragment messages
  • Default: 0
  • Values: Min: 0 (fragment packets are treated as untrusted bandwidth); 2000 | Max: 10000000
rfc2833-timestamp
Enable or disable use of a timestamp value calculated using the actual time elapsed since the last RTP packet for H.245 to 2833 DTMF interworking
  • Default: disabled
  • Values: enabled | disabled

Note:

Timestamp and duration changes will not take effect when the 2833 timestamp (rfc-2833-timestamp) and default-2833-duration parameter is altered in the media manager configuration during a SIP INFO to DTMF Interworking scenario.
default-2833-duration
Enter the time in milliseconds for the SBC to use when receiving an alphanumeric UII or SIP INFO with no specified duration.
  • Default: 100
  • Values: Min: 50 | Max: 5000

Note:

Timestamp and duration changes will not take effect when the 2833 timestamp (rfc-2833-timestamp) and default-2833-duration parameter is altered in the media manager configuration during a SIP INFO to DTMF Interworking scenario.

rfc2833-end-pkts-only-for-non-sig
Enable this parameter if you want only the last three end 2833 packets used for non-signaled digit events. Disable this parameter if you want the entire start-interim-end RFC 2833 packet sequence for non-signaled digit events.
  • Default: enabled
  • Values: enabled | disabled
translate-non-rfc2833-event
Enable or disable the SBC’s ability to translate non-rfc2833 events.
  • Default: disabled
  • Values: enabled | disabled
media-supervision-traps
The SBC will send the following trap when the media supervision timer has expired: 
apSysMgmtMediaSupervisionTimerExpTrap NOTIFICATION-TYPE
OBJECTS { apSysMgmtCallId } 
STATUS current
  • Default: disabled
  • Values: enabled | disabled
dnsalg-server-failover
Enable or disable allowing DNS queries to be sent to the next configured server, even when contacting the SBC’s DNS ALG on a single IP address; uses the transaction timeout value set in the dns-server-attributes configuration (part of the dns-config).
  • Default: disabled
  • Values: enabled | disabled
reactive-transcoding
Enable or disable SBC's ability to pre-book a transcoding resource during the SDP offer.
  • Default: disabled
  • Values: enabled | disabled
dos-guard-window
Set the number of seconds that define the window of time for measuring traffic volume within which the DoS alert thresholds may be triggered. When the window expires, the threshold counters revert to zero.
  • Default: 5 seconds
  • Values: Min: 1 / Max: 30
untrusted-minor-threshold
Set the percentage of the untrusted bandwidth that triggers a minor alert for this threshold. When triggered, the system sends an alarm and a trap. Set the value to zero to disarm this threshold for alert events.
  • Default: 0
  • Values: Min: 0 / Max: 100
untrusted-major-threshold
Set the percentage of the untrusted bandwidth that triggers a major alert for this threshold. When triggered, the system sends an alarm and a trap. Set the value to zero to disarm this threshold for alert events.
  • Default: 0
  • Values: Min: 0 / Max: 100
untrusted-critical-threshold
Set the percentage of the untrusted bandwidth that triggers a critical alert for this threshold. When triggered, the system sends an alarm and a trap. Set the value to zero to disarm this threshold for alert events.
  • Default: 0
  • Values: Min: 0 / Max: 100
trusted-minor-threshold
Set the percentage of the trusted bandwidth that triggers a minor alert for this threshold. When triggered, the system sends an alarm and a trap. Set the value to zero to disarm this threshold for alert events.
  • Default: 0
  • Values: Min: 0 / Max: 100
trusted-major-threshold
Set the percentage of the trusted bandwidth that triggers a major alert for this threshold. When triggered, the system sends an alarm and a trap. Set the value to zero to disarm this threshold for alert events.
  • Default: 0
  • Values: Min: 0 / Max: 100
trusted-critical-threshold
Set the percentage of the trusted bandwidth that triggers a critical alert for this threshold. When triggered, the system sends an alarm and a trap. Set the value to zero to disarm this threshold for alert events.
  • Default: 0
  • Values: Min: 0 / Max: 100
arp-minor-threshold
Set the percentage of the arp bandwidth that triggers a minor alert for this threshold. When triggered, the system sends an alarm and a trap. Set the value to zero to disarm this threshold for alert events.
  • Default: 0
  • Values: Min: 0 / Max: 100
arp-major-threshold
Set the percentage of the arp bandwidth that triggers a major alert for this threshold. When triggered, the system sends an alarm and a trap. Set the value to zero to disarm this threshold for alert events.
  • Default: 0
  • Values: Min: 0 / Max: 100
arp-critical-threshold
Set the percentage of the arp bandwidth that triggers a critical alert for this threshold. When triggered, the system sends an alarm and a trap. Set the value to zero to disarm this threshold for alert events.
  • Default: 0
  • Values: Min: 0 / Max: 100
xcode-fax-max-rate

Specifies the maximum supported fax rate in bits per second.

  • Default: 14400
  • unlimited
  • 2400
  • 4800
  • 7200
  • 9600
  • 12000
  • 14400
home-realm-id
Enter the name of the home realm.
percent-sub
Specifies the maximum latency allowed.
  • Default: 0
  • Values: Min: 0 / Max: 100
pss-wd-key
Enter the password key.

Path

Path: media-manager-config is an element under the media-manager path. The full path from the topmost ACLI prompt is: configure terminal , media-manager, media-manager.

Note:

This is a single instance configuration element.

Options

Refer to Option Configuration in Chapter 1, How to use the ACLI for instructions on how to configure options.

unique-sdp-id
Enables or disables codec negotiation by updating the SDP session ID and version number. When enabled, the SBCwill hash the session ID and IP address of the incoming SDP with the current date/time of the SBC in order to generate a unique session ID.
active-arp
When enabled, this option causes all ARP entries to get refreshed every 20 minutes.

Note:

As a security measure, in order to mitigate the effect of the ARP table reaching its capacity, configuring active-arp is advised.