of 95
All materials on our website are shared by users. If you have any questions about copyright issues, please report us to resolve them. We are always happy to assist you.

Oracle Enterprise Session Border Controller and Alcatel Lucent OXE with Completel (SFR) SIP trunk. Technical Application Note

Category:

Entertainment

Publish on:

Views: 11 | Pages: 95

Extension: PDF | Download: 1

Share
Description
Oracle Enterprise Session Border Controller and Alcatel Lucent OXE with Completel (SFR) SIP trunk Technical Application Note Disclaimer The following is intended to outline our general product direction.
Transcript
Oracle Enterprise Session Border Controller and Alcatel Lucent OXE with Completel (SFR) SIP trunk Technical Application Note Disclaimer The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle s products remains at the sole discretion of Oracle. 2 Table of Contents INTENDED AUDIENCE... 5 DOCUMENT OVERVIEW... 5 INTRODUCTION... 6 AUDIENCE... 6 REQUIREMENTS... 6 ARCHITECTURE... 7 LAB CONFIGURATION... 8 NETWORK PREREQUISITES... 8 CONFIGURING THE ORACLE ENTERPRISE SESSION BORDER CONTROLLER... 9 IN SCOPE... 9 OUT OF SCOPE... 9 WHAT WILL YOU NEED... 9 CONFIGURING THE E-SBC Initial Configuration Assigning the management Interface an IP address Physical Interface: High Availability Routing via Local Policy Create SIP Feature: Create Surrogate-agent Session Agent: Header manipulation rules SIP interface Configure Access Control Steering pool config: System configuration: Codec Policy Account Config Enable Authentication Webserver Configuration TEST PLAN EXECUTED: TROUBLESHOOTING TOOLS Wireshark On the Oracle E-SBC At the E-SBC Console: ExamALU OXEg the log files Through the Web GUI APPENDIX A FULL E-SBC CONFIGURATION APPENDIX B ACCESSING THE ACLI ACLI BASICS CONFIGURATION ELEMENTS CREATING AN ELEMENT EDITING AN ELEMENT DELETING AN ELEMENT CONFIGURATION VERSIONS SAVING THE CONFIGURATION ACTIVATING THE CONFIGURATION Intended Audience This document is intended for use by Oracle Systems Engineers, third party Systems Integrators, and end users of the Oracle Enterprise Session Border Controller (E-SBC). It assumes that the reader is familiar with basic operations of the Oracle Enterprise Session Border Controller. Document Overview Interactive Intelligence offers the ability to connect to Internet telephony service providers (ITSP) using an IP-based SIP trunk. This reduces the cost and complexity of extending an enterprise s telephony system outside its network borders. Oracle Enterprise Session Border Controllers (E-SBCs) play an important role in SIP trunking as they are used by many ITSPs and some enterprises as part of their SIP trunking infrastructure. This application note has been prepared as a means of ensuring that SIP trunking between ALU OXE, Oracle E-SBCs and IP Trunking services are configured in the optimal manner. 5 Introduction Audience This is a technical document intended for telecommunications engineers with the purpose of configuring the Oracle Enterprise Session Border Controller and ALU OXE CIC. There will be steps that require navigating the Command Line Interface (ACLI). Understanding the basic concepts of TCP/UDP, IP/Routing, SIP/RTP, TLS and SRTP are also necessary to complete the configuration and for troubleshooting, if necessary. Requirements Alcatel Lucent OXE version R l b-fr-c0 Oracle Enterprise Session Border Controller is running Acme Packet VME ECZ7.3.0 MR-2 Patch 1 o Note: the configuration running on the E-SBC is backward/forward compatible with any release in the & above stream. Equipment Version IP PBX Alcatel OXE R l b-fr-c0 Media Alcatel GD3 Gateway Carrier Cirpack V4.56 R18 Oracle AP VME SBC ECZ7.3.0 MR-2 Patch 1 Phones Alcatel IP Touch Alcatel IP Touch FAX Analog Fax G3 6 Architecture The following reference architecture shows a logical view of the connectivity Enterprise Network Verizon Carrier Network VZ MPLS Network SP Trunk Infrastructure PSTN 7 Lab Configuration Following are the IP addresses used for the Interoperability tests. The IPs below are specific to lab setup at Completely, the IPs in production will be vastly different from network addresses listed below. description network-interface realm interface IP sip-port SBC interfaces management wancom redundancy wancom redundancy wancom media/signaling s0p0:0 SP media/signaling s1p0:0 ENT Session-Agents Alcatel-Lucent Entreprise OXE Alcatel-Lucent Entreprise Media Gateway Completel SBC AP VME (outside) (inside) Alcatel IP Touch Phones Alcatel IP Touch Network prerequisites SBC Oracle: The Oracle SBC needs 2 network interfaces: - The first one (WAN interface): must have an IP that can communicate with the carrier network. - The second (LAN interface): must have an IP that can communicate with the IP PBX. Alcatel OXE: Alcatel OXE must be synchronize to a secure NTP source. IP Phones must be synchronized on the same secure NTP source. SIP trunk registration: Completel communicates the login, password and IP address for the SIP trunk registration. The SIP registration must be done on the Oracle E-SBC using the surrogate agent feature. 8 Configuring the Oracle Enterprise Session Border Controller In this section we describe the steps for configuring an Oracle Enterprise Session Border Controller, formally known as an Acme Packet Net-Net Enterprise Session Director, for use with CIC Server in a SIP trunking scenario. In Scope The following guide configuring the Oracle E-SBC assumes that this is a newly deployed device dedicated to a single customer. If a service provider currently has the E-SBC deployed then please see the ACLI Configuration Guide on for a better understanding of the Command Line Interface (CLI). Note that Oracle offers several models of E-SBC. This document covers the setup for the E-SBC platform running ECZ7.3.0 or later. If instructions are needed for other Oracle E-SBC models, please contact your Oracle representative. Out of Scope Configuration of Network management including SNMP and RADIUS What will you need Hypervisor with console connectivity through the hypervisor Terminal emulation application such as PuTTY or HyperTerm Passwords for the User and Super user modes on the Oracle E-SBC IP address to be assigned to management interface (Wancom0) of the E-SBC - the Wancom0 management interface must be connected and configured to a management network separate from the service interfaces. Otherwise the E-SBC is subject to ARP overlap issues, loss of system access when the network is down, and compromising DDoS protection. Oracle does not support E-SBC configurations with management and media/service interfaces on the same subnet. IP address of CIC external facing NIC IP addresses to be used for the E-SBC internal and external facing ports (Service Interfaces) IP address of the next hop gateway in the service provider network 9 Configuring the E-SBC Enter the following commands to login to the E-SBC and move to the configuration mode. Note that the default E-SBC password is acme and the default super user password is packet. Password: acme SBC1 enable Password: packet SBC1# configure terminal SBC1 (configure)# You are now in the global configuration mode. Initial Configuration Assigning the management Interface an IP address To assign an IP address, one has to configure the bootparams on the E-SBC by going to SBC1#configure terminal --- bootparams Once you type bootparam you have to use carriage return key to navigate down A reboot is required if changes are made to the existing bootparams SBC1#(configure)bootparam '.' = clear field; '-' = go to previous field; q = quit boot device : eth0 processor number : 0 host : acmesystem file : /code/images/nnecz730m2p1.bz --- location where the software is loaded on the SBC inet on ethernet (e) : :ffffff This is the ip address of the management interface of the SBC, type the IP address and mask in hex inet on backplane (b) : host inet (h) : gateway inet (g) : gateway address here user (u) : vxftp ftp password (pw) (blank = use rsh) flags (f) : target (tn) startup script (s) : other (o) : : vxftp : SBC1 - ACLI prompt & HA peer 10 The following section walks you through configuring the Oracle E-SBC. It is outside the scope of this document to include all of the configuration elements as it will differ in every deployment. Physical Interface: phy-interface ENT operation-type Media port 0 slot 1 virtual-mac 00:50:56:bd:00:1f admin-state auto-negotiation duplex-mode speed wancom-health-score 50 overload-protection last-modified-date :55:15 phy-interface SP operation-type Media port 0 slot 0 virtual-mac 00:50:56:bd:00:0f admin-state auto-negotiation duplex-mode FULL speed 100 wancom-health-score 50 overload-protection last-modified-date :55:02 phy-interface wancom1 operation-type Control port 1 slot 0 virtual-mac admin-state auto-negotiation 11 duplex-mode speed wancom-health-score 20 overload-protection last-modified-date :45:01 phy-interface operation-type port 2 slot 0 virtual-mac admin-state auto-negotiation duplex-mode speed wancom2 Control wancom-health-score 20 overload-protection last-modified-date :45:08 High Availability For additional information on High Availability please see the enterprise SBC documentation for more information (http://www.oracle.com/technetwork/indexes/documentation/oracle-comms-acmepacket html) Interfaces wancom1 and 2 need to be added to facilitate HA communication between the two HA pairs. network-interface wancom1 sub-port-id 0 description host ip-address pri-utility-addr sec-utility-addr netmask gateway sec-gateway gw-heartbeat state 12 heartbeat 0 retry-count 0 retry-timeout 1 health-score 0 dns-ip-primary dns-ip-backup1 dns-ip-backup2 dns-domain dns-timeout 11 signaling-mtu 0 hip-ip-list ftp-address icmp-address snmp-address telnet-address ssh-address last-modified-date :59:02 network-interface wancom2 sub-port-id 0 description host ip-address pri-utility-addr sec-utility-addr netmask gateway sec-gateway gw-heartbeat state heartbeat 0 retry-count 0 retry-timeout 1 health-score 0 dns-ip-primary dns-ip-backup1 dns-ip-backup2 dns-domain dns-timeout 11 signaling-mtu 0 hip-ip-list 13 ftp-address icmp-address snmp-address telnet-address ssh-address last-modified-date :59:23 redundancy-config state log-level INFO health-threshold 75 emergency-threshold 50 port 9090 advertisement-time 500 percent-drift 210 initial-time 1250 becoming-standby-time becoming-active-time 100 cfg-port 1987 cfg-max-trans cfg-sync-start-time 5000 cfg-sync-comp-time 1000 gateway-heartbeat-interval 0 gateway-heartbeat-retry 0 gateway-heartbeat-timeout 1 gateway-heartbeat-health 0 media-if-peercheck-time 0 peer osbc1 state type Primary destination address :9090 network-interface wancom1:0 destination address :9090 network-interface wancom2:0 peer osbc2 state type Secondary 14 destination address :9090 network-interface wancom1:0 destination address :9090 network-interface wancom2:0 last-modified-date :01:15 Additionally primary and secondary interface IPs need to be added to the media/signaling networkinterfaces network-interface ENT sub-port-id 0 description host ip-address pri-utility-addr sec-utility-addr netmask gateway sec-gateway gw-heartbeat state heartbeat 0 retry-count 0 retry-timeout 1 health-score 0 dns-ip-primary dns-ip-backup1 dns-ip-backup2 dns-domain dns-timeout 11 signaling-mtu 0 hip-ip-list ftp-address icmp-address snmp-address telnet-address ssh-address 15 last-modified-date :36:08 network-interface SP sub-port-id 0 description host ip-address pri-utility-addr sec-utility-addr netmask gateway sec-gateway gw-heartbeat state heartbeat 0 retry-count 0 retry-timeout 1 health-score 0 dns-ip-primary dns-ip-backup1 dns-ip-backup2 dns-domain dns-timeout 11 signaling-mtu 0 hip-ip-list ftp-address icmp-address snmp-address telnet-address ssh-address last-modified-date :36:52 16 Realms realm-config identifier ENT description addr-prefix network-interfaces ENT:0.4 mm-in-realm mm-in-network mm-same-ip mm-in-system bw-cac-non-mm msm-release qos-enable max-bandwidth 0 fallback-bandwidth 0 max-priority-bandwidth 0 max-latency 0 max-jitter 0 max-packet-loss 0 observ-window-size 0 parent-realm dns-realm media-policy class-profile in-translationid out-translationid in-manipulationid out-manipulationid average-rate-limit 0 access-control-trust-level invalid-signal-threshold 0 maximum-signal-threshold 0 untrusted-signal-threshold 0 nat-trust-threshold 0 max-endpoints-per-nat 0 nat-invalid-message-threshold 0 wait-time-for-invalid-register 0 deny-period 30 cac-failure-threshold 0 untrust-cac-failure-threshold 0 ext-policy-svr diam-e2-address-realm subscription-id-type END_USER_NONE symmetric-latching pai-strip trunk-context device-id early-media-allow enforcement-profile 17 additional-prefixes restricted-latching restriction-mask 32 user-cac-mode user-cac-bandwidth 0 user-cac-sessions 0 icmp-detect-multiplier 0 icmp-advertisement-interval 0 icmp-target-ip monthly-minutes 0 options spl-options accounting-enable net-management-control delay-media-update refer-call-transfer hold-refer-reinvite refer-notify-provisional dyn-refer-term codec-policy ENT codec-manip-in-realm codec-manip-in-network rtcp-policy constraint- session-recording-server session-recording-required manipulation-string manipulation-pattern stun-enable stun-server-ip stun-server-port 3478 stun-changed-ip stun-changed-port 3479 sip-profile sip-isup-profile match-media-profiles qos-constraint block-rtcp hide-egress-media-update tcp-media-profile monitoring-filters aleoxe node-functionality default-location-string alt-family-realm pref-addr-type last-modified-date :08:34 realm-config identifier SP description 18 addr-prefix network-interfaces SP:0.4 mm-in-realm mm-in-network mm-same-ip mm-in-system bw-cac-non-mm msm-release qos-enable max-bandwidth 0 fallback-bandwidth 0 max-priority-bandwidth 0 max-latency 0 max-jitter 0 max-packet-loss 0 observ-window-size 0 parent-realm dns-realm media-policy class-profile in-translationid out-translationid in-manipulationid out-manipulationid average-rate-limit 0 access-control-trust-level medium invalid-signal-threshold 0 maximum-signal-threshold 0 untrusted-signal-threshold 0 nat-trust-threshold 0 max-endpoints-per-nat 0 nat-invalid-message-threshold 0 wait-time-for-invalid-register 0 deny-period 30 cac-failure-threshold 0 untrust-cac-failure-threshold 0 ext-policy-svr diam-e2-address-realm subscription-id-type END_USER_NONE symmetric-latching pai-strip trunk-context device-id early-media-allow enforcement-profile additional-prefixes restricted-latching restriction-mask 32 user-cac-mode user-cac-bandwidth 0 19 user-cac-sessions 0 icmp-detect-multiplier 0 icmp-advertisement-interval 0 icmp-target-ip monthly-minutes 0 options spl-options accounting-enable net-management-control delay-media-update refer-call-transfer hold-refer-reinvite refer-notify-provisional dyn-refer-term codec-policy SP codec-manip-in-realm codec-manip-in-network rtcp-policy constraint- session-recording-server session-recording-required manipulation-string manipulation-pattern stun-enable stun-server-ip stun-server-port 3478 stun-changed-ip stun-changed-port 3479 sip-profile sip-isup-profile match-media-profiles qos-constraint block-rtcp hide-egress-media-update tcp-media-profile monitoring-filters completel node-functionality default-location-string alt-family-realm pref-addr-type last-modified-date :42:25 realm-config identifier auth description addr-prefix network-interfaces ENT:0.4 mm-in-realm mm-in-network mm-same-ip 20 mm-in-system bw-cac-non-mm msm-release qos-enable max-bandwidth 0 fallback-bandwidth 0 max-priority-bandwidth 0 max-latency 0 max-jitter 0 max-packet-loss 0 observ-window-size 0 parent-realm dns-realm media-policy class-profile in-translationid out-translationid in-manipulationid out-manipulationid average-rate-limit 0 access-control-trust-level invalid-signal-threshold 0 maximum-signal-threshold 0 untrusted-signal-threshold 0 nat-trust-threshold 0 max-endpoints-per-nat 0 nat-invalid-message-threshold 0 wait-time-for-invalid-register 0 deny-period 30 cac-failure-threshold 0 untrust-cac-failure-threshold 0 ext-policy-svr diam-e2-address-realm subscription-id-type END_USER_NONE symmetric-latching pai-strip trunk-context device-id early-media-allow enforcement-profile additional-prefixes restricted-latching restriction-mask 32 user-cac-mode user-cac-bandwidth 0 user-cac-sessions 0 icmp-detect-multiplier 0 icmp-advertisement-interval 0 icmp-target-ip monthly-minutes 0 21 options spl-options accounting-enable net-management-control delay-media-update refer-call-transfer hold-refer-reinvite refer-notify-provisional dyn-refer-term codec-policy codec-manip-in-realm codec-manip-in-network rtcp-policy constraint- session-recording-server session-recording-required manipulation-string manipulation-pattern stun-enable stun-server-ip stun-server-port 3478 stun-changed-ip stun-changed-port 3479 sip-profile sip-isup-profile match-media-profiles qos-constraint block-rtcp hide-egress-media-update tcp-media-profile monitoring-filters node-functionality default-location-string alt-family-realm pref-addr-type last-modified-date :37:59 22 Enable SIP on the SBC and configure default configuration required on the SBC as follows SIP Config sip-config state operation-mode dialog dialog-transparency home-realm-id egress-realm-id auto-realm-id nat-mode None registrar-domain * registrar-host * registrar-port 0 register-service-route always init-timer 500 max-timer 4000 trans-expire 32 initial-inv-trans-expire 0 invite-expire 180 inactive-dynamic-conn 32 enforcement-profile pac-method pac-interval 10 pac-strategy PropDist pac-load-weight 1 pac-session-weight 1 pac-route-weight 1 pac-callid-lifetime 600 pac-user-lifetime 3600 red-sip-port 1988 red-max-trans red-sync-start-time 5000 red-sync-comp-time 1000 options drain-sendonly max-udp-length=0 sag-target-uri=ip set-inv-exp-at-100-resp add-reason-header sip-message-len 4096 enum-sag-match extra-method-stats extra-enum-stats 23 rph-feature nsep-user-sessions-rate 0 nsep-sa-sessions-rate 0 registration-cache-limit 0 register-use-to-for-lp refer-src-routing add-ucid-header proxy-sub-events allow-pani-for-trusted-only atcf-stn-sr atcf-psi-dn atcf-route-to-sccas eatf-stn-sr pass-gruu-contact sag-lookup-on-redirect set-disconnect-time-on-bye msrp-delayed-bye-timer 15 transcoding-realm transcoding-agents create-dynamic-sa node-functionality P-CSCF match-sip-instance sa-routes-stats sa-routes-traps rx-sip-reason-mapping add-ue-location-in-pani hold-emergency-calls-for-loc-info 0 last-modified-date :00:10 Routing via Local Policy For outbound calls the local-policy determines which trunk to forward the call based on the NPA of the request-uri. This is configured in the local policy of the To. For most configurations there will be only 1 inside and outside realm. For a single inside/outside realm configuration the local policy to and from would be set to *. Redundant trunk configurations will use a session-agent group. local-policy from-address * to-address * source-realm ENT description activate-time 24 deactivate-time state policy-priority policy-attribute next-hop siptrunk.voip.completel.fr realm SP terminate-recursion carrier start-time 0000 end-time 2400 days-of-week U-S cost 0 state app-protocol methods media-profiles lookup single next-key eloc-str-lkup eloc-str-match last-modified-date :26:18 local-policy from-address * to-address * source-realm SP description activate-time deactivate-time state policy-priority policy-attribute next-hop realm ENT terminate-recursion carrier start-time 0000 end-time 2400 days-of-week U-S cost 0 25 state app-protocol methods media-profiles lookup single next-key eloc-str-lkup eloc-str-match last-modified-date :34:17 Create SIP Feature: sip-feature REGISTER realm ENT support-mode-inbound Pass require-mode-inbound Pass proxy-require-mode-inbound Pass support-mode-outbound Pass require-mode-outbound Pass proxy-require-mode-outbound Pass last-modified-date :01:19 sip-feature REGISTER realm SP support-mode-inbound Pass require-mode-inbound Pass proxy-require-mode-inbound Pass support-mode-outbound Pass require-mode-outbound Pass proxy-require-mode-outbound Pass last-modified-date :14:47 26 Create Surrogate-agent T
Similar documents
View more...
Search Related
We Need Your Support
Thank you for visiting our website and your interest in our free products and services. We are nonprofit website to share and download documents. To the running of this website, we need your help to support us.

Thanks to everyone for your continued support.

No, Thanks