Guest

Cisco Unified Border Element

Cisco Unified Border Element and Cisco IOS Gatekeeper FAQ

  • Viewing Options

  • PDF (465.2 KB)
  • Feedback

General

Q. What is the Cisco ® Unified Border Element?
A. The Cisco Unified Border Element is a session border controller designed to provide easy, secure, and cost-effective connectivity between independent unified communications (including voice-over-IP [VoIP] and video-over-IP) networks or network domains for different enterprises. It provides interconnection between incompatible applications within the enterprise network, between different enterprises for business-to-business applications, and between enterprise networks and service provider Session Initiation Protocol (SIP) trunks.
The Cisco Unified Border Element provides key session management capabilities, H.323 and SIP interworking functions, and network-to-network interface security and demarcation capabilities. It performs most of the same functions of a public switched telephone network (PSTN)-to-IP gateway but joins two VoIP call legs. Media packets can either flow through (thus hiding the networks from each other) or around the Cisco Unified Border Element platform.
Q. Why would I use the Cisco Unified Border Element?
A. The Cisco Unified Border Element provides a connectivity point for interconnecting realms of unified communications. The connectivity point may require security screening of communications passing through the point, a billing or troubleshooting demarcation between departments or networks, a protocol conversion (H.323 to SIP) point, Call Admission Control (CAC) decisions, or a transcoding service. Specific applications include connectivity to service provider SIP trunk services or between different unified communications applications within a business such as Cisco Unified Communications Manager and a Cisco MeetingPlace ® meeting.
Q. How is pricing for the Cisco Unified Border Element determined?
A. Pricing for the Cisco Unified Border Element is determined either through a capacity-based license that allows a specific number of sessions (for example, FL-CUBEE-5, FL-CUBEE-25, or FL-CUBEE-100 licenses, which allow 5, 25, or 100 sessions, respectively), or a platform-based license (for example, the FL-INTVVSRV licenses, which allow as many sessions as the CPU of the platform can sustain). The Cisco Unified Border Element Ordering Guide explains the details of the license options available for different platforms.
Q. What is the difference between the FL-CUBE-XXX and FL-CUBEE-XXX license SKUs?
A. The FL-CUBE-XXX licenses apply to the Cisco 28x00 and 3800 series ISR G1 routers, and the FL-CUBEE-XXX licenses apply to the Cisco 2900 and 3900 series ISR G2 routers. The ISR G2 routers have additional features, such as box-to-box redundancy, that is not supported on the ISR G1 routers.
Q. When should I use the FL-CUBEE-XXX-RED and FLASR1-CUBEE-xxxR redundancy license SKUs?
A. The redundancy license SKUs apply to Active/Standby virtual IP configurations where only one platform is taking active calls at any particular time and the other platform is in warm standby mode to be activated upon a failure of the primary platform.
A single license enables the purchased session count for both platforms, e.g.the FL-CUBEE-100-RED purchased for two Cisco 3945 routers enables a 100-session SIP trunk on both the Active and Standby routers.
For Active/Active and load balancing redundancy configurations where both routers take calls at the same time, the normal single-use session licenses should be ordered for each individual platform.
Q. What interoperability testing has Cisco validated?
A. Cisco has validated interoperability with Cisco Unified Communications Manager, Cisco IOS ® Gatekeepers, Cisco IOS Gateways, and the Cisco PGW 2200 Softswitch. Configuration guidance for interoperability is posted at the Cisco Interoperability Portal.
Third-party interoperability is achieved by Cisco's extensive participation in independent testing events, and conformance with H.323 and SIP standards. For a complete list of SIP RFC compliances of Cisco IOS Software, refer to the Achieving SIP RFC Compliance document. Specific configuration examples of interworking with third-party IP private branch exchanges (PBXs) and service provider SIP trunk offerings are also available at the Cisco Interoperability Portal.

Platforms and Software Images

Q. What platforms support the Cisco Unified Border Element?
A. The Cisco Unified Border Element is an integrated application within Cisco IOS Software that runs on the Cisco 2800, 3800, 2900, 3900, and 3900E Series Integrated Service Routers (ISRs) for integrated data and unified communications services; it also runs on the Cisco AS5350XM and AS5400XM Universal Gateways and the Cisco ASR 1000 Series Aggregation Services Routers.
Q. What images are supported for the Cisco Unified Border Element? What considerations should I be aware of when ordering?
A. Generally, for the Cisco 2800 and 3800 Series platforms, the Cisco Unified Border Element is supported on all Cisco IOS Software images of IP Voice and above. The Cisco 2900, 3900, and 3900E Series platforms have a universal image, which includes the Cisco Unified Border Element features, and the capability is activated by the appropriate license. On the Cisco ASR 1000 Series platforms, the Cisco Unified Border Element is supported in the Advanced IP Services and Advanced Enterprise Services images. The data sheet and Cisco Unified Border Element Ordering Guide give details about image names and platform requirements. Note that you must purchase a feature license to gain support from the Cisco Technical Assistance Center (TAC). To check current prices for the Cisco Unified Border Element, use the pricing tool (Cisco.com login is required).
Q. What are the features in the Cisco Unified Border Element images, and what are the differences in the image sets offered on each platform?
A. A range of software images is available with different tiers of capabilities for the different supported platforms. On the Cisco 2900 and 3900 Series platforms, which have a universal image, the Cisco Unified Border Element is activated by enabling the appropriate license and CLI on the platform. On the Cisco 2800 and 3800 Series Integrated Services Routers, the Cisco Unified Border Element is supported on the IP Voice and higher-level images. The more sophisticated features, such as security and gatekeeper, require a higher-level image. On the Cisco ASR 1000 Series platform, select Cisco Unified Border Element features are supported; gatekeeper functions are not supported. The Cisco Unified Border Element Ordering Guide provides further details.
All software images with the Cisco Unified Border Element require a feature license.
Q. If my customer already has an applicable platform, how can I help the customer upgrade to support the Cisco Unified Border Element?
A. You can use existing Cisco 2800, 3800, 2900, 3900, AS5350XM, and AS5400XM platforms as a Cisco Unified Border Element. If the platform is currently used as a PSTN gateway, you can easily upgrade the platform to add the Cisco Unified Border Element functions by loading an image that supports these functions and purchasing the required software licenses.
Q. What are the memory requirements for running the Cisco Unified Border Element?
A. The memory requirements for the Cisco 2800 and 3800 Series platforms are 128 MB of flash memory and 512 MB of DRAM. For the Cisco AS5350XM and AS5400XM platforms, 128 MB of flash memory and 1 GB of DRAM are recommended. For the Cisco 2900 and 3900 Series platforms, 256 MB of flash memory and 1 GB of DRAM are recommended for traffic loads of fewer than 500 simultaneous calls. For more than 500 simultaneous calls, or high calls-per-second (CPS) rates, 2 G of DRAM is recommended.
Q. What are the performance guidelines for the Cisco Unified Border Element?
A. The maximum number of simultaneous IP-to-IP calls that each platform can carry depends on several parameters, including but not limited to traffic mix, average call-hold time, call arrival rate, desired CPU usage percentage, the codec used, transcoding, and whether or not voice activity detection (VAD) is activated.
The values in Table 1 assume the use of a G.711 codec, with VAD turned off, call-hold times of 180 seconds, flow-through mode, Cisco IOS Software Release 15.0.1M, Ethernet egress, and CPU use not to exceed 75 percent. These values should be used as guidelines only and should not be taken as guaranteed performance.

Table 1. Number of IP-to-IP Calls per Platform

Platform

Maximum Number of Simultaneous Calls (Flow-Through)

Cisco 3945E

2500

Cisco 3925E

2100

Cisco 3945

950

Cisco 3925

800

Cisco 2951

500

Cisco 2921

400

Cisco 2911

200

Cisco 2901

100

Cisco ASR 1004; and Cisco ASR 1006 Router Processor 2 (RP2)

5000; 16000*

Cisco ASR 1002, ASR 1004, and ASR 1006 RP1

1750

Cisco AS5350XM and AS5400XM

600

Cisco 3845

500

Cisco 3825

400

Cisco 2851

225

Cisco 2821

200

Cisco 2811

110

Cisco 2801

55

* Note: Up to 5000 calls are supported on Cisco IOS Software Release 2.5, and up to 16000 calls on Release 2.6 or later.

Availability of Features in Cisco IOS Software Releases

Q. What Cisco IOS Software release supports specific Cisco Unified Border Element functions and features?
A. This product was first introduced as the Cisco Multiservice IP-to-IP Gateway in Cisco IOS Software Release 12.2(13)T3 and has since had numerous feature releases. The Cisco Unified Border Element Features Roadmap document gives information about specific features introduced in specific releases.
Q. How do the Cisco Unified Border Element releases map to Cisco IOS Software releases?
A. Table 2 provides a mapping of Cisco Unified Border Element releases to Cisco IOS Software releases.

Table 2. Cisco Unified Border Element Release Mapping to Cisco IOS Software Releases

Cisco Unified Border Element Release

Cisco IOS Software Release for the Cisco ISR Platforms

Cisco IOS Software Release for the Cisco ASR Platforms

1.0

12.3(11)T

-

12.4(4)T

-

12.4(6)T

-

12.4(9)T

-

12.4(11)T

-

12.4(11)XW and 12.4(20)T

-

1.1

12.4(15)XY and 12.4(20)T

-

1.2

12.4(15)XZ and 12.4(20)T

2.5 and 2.6

1.3

12.4(22)YB and 15.0(1)M

3.1

1.4

15.0(1)XA and 15.1(1)T

3.1

8.5

15.1(2)T

Features

Q. What redundancy mechanisms does the Cisco Unified Border Element offer?
A. You can implement a wide variety of redundancy designs of varying levels of sophistication using combination of capabilities offered by Cisco Unified Border Element. The redundancy building blocks include inbox software redundancy (Cisco ASR 1001, 1002 and 1004 platforms), inbox hardware redundancy (Cisco ASR 1006 platform), box-to-box redundancy (Cisco ISR G2 and ASR 1001, 1002 and 1004 platforms), load balancing redundancy using Cisco Unified SIP Proxy (CUSP) in conjunction with Cisco Unified Border Element (all of platforms), and service provider redundancy (all platforms). Load balancing and service provider redundancy can be leveraged to provide geographic redundancy designs. The box-to-box redundancy features on the ISR G2 platforms preserve established calls during a failover, the inbox and box-to-box redundancy features on the ASR platforms provide stateful failover. Deploying box-to-box redundancy on the ISR G2s requires a minimum Cisco IOS release of 15.1.2T, and on the ASR platforms a minimum of Cisco IOS-XE Release 3.2
Q. What version of SIP does the Cisco Unified Border Element support?
A. The Cisco Unified Border Element complies with RFC 3261.
Q. Can the Cisco Unified Border Element support both early and delayed media SIP calls?
A. Yes. The Cisco Unified Border Element supports SIP Early Offer-to-Early Offer, Delayed Offer-to-Delayed Offer, and Delayed Offer-to-Early Offer on SIP-to-SIP calls. Additionally, H.323 FastStart, SIP Early Offer, H.323 SlowStart, and SIP Delayed Offer are supported for H.323-to-SIP calls.
Q. What version of H.323 does the Cisco Unified Border Element support?
A. H.323 support on the Cisco Unified Border Element is the same as that of the Cisco IP-to-time-division multiplexing (TDM) gateways. Both support H.323v4. Note: H323v4 is backward-compatible with H.323v3 and H.323v2.
Q. Can the Cisco Unified Border Element support both FastStart and SlowStart modes at the same time for a single call?
A. Yes. If a FastStart call is on an inbound call leg and a SlowStart call is on an outbound call leg, the Cisco Unified Border Element supports conversion from one mode to another. Both legs do not need to be in the same mode.
Q. What do "flow around" and "flow through" mean?
A. The terms describe whether the Real-Time Transport Protocol (RTP), or media, traffic from the originating and terminating endpoints flows through the Cisco Unified Border Element or flows around it (directly from endpoint to endpoint).
Advantages of flow-through mode include the obscuring of endpoint RTP port numbers and IP addresses, support for supplementary services, converting in-band dual-tone multifrequency (DTMF) relay such as RFC 2833 to out-of-band methods, and doing media manipulation such as transcoding. Flow-around support can reduce the CPU load on the Cisco Unified Border Element, but address hiding on RTP packets is no longer applicable, transcoding cannot be done, and some supplementary services may not be supportable.
Flow around for H.323-to-H.323 mode is supported as of Cisco IOS Software Release 12.3(1), and flow around for SIP-to-SIP calls is supported as of Cisco IOS Software Release 12.4(9)T.
Q. Does the Cisco Unified Border Element perform transcoding?
A. Yes. Transcoding is supported except on the Cisco ASR platforms, which do not have digital-signal-processor (DSP) hardware that can support transcoding. DSP hardware for transcoding can reside on the same platform as the Cisco Unified Border Element or on a separate router. Transcoding between any two of the following codecs is supported:

G.711 a-law: 64 kbps

G.711 μ-law: 64 kbps

G.723: 5.3 and 6.3 kbps

G.729 and G.729A: 8 kbps

G.729B and G.729AB: 8 kbps

Internet Low Bitrate Codec (iLBC): 13.3 and 15.2 kbps

G.722: 64 kbps

ISAC: 10 to 32 kbps

Q. Does the Cisco Unified Border Element support hunt groups?
A. Yes, except that all dial peers in the hunt group must have identical parameters for the call. Call parameters are not renegotiated while hunting after an initial connect failure.
Q. What is a transparent codec, and what does it do?
A. The Cisco Unified Border Element transparently passes capabilities between endpoints. To configure this function in Cisco IOS Software, a new codec type called the transparent codec is used.
The transparent codec is unique to the Cisco Unified Border Element. Configuring codec transparent on the Cisco Unified Border Element allows it to pass through codecs that it understands, but it does not force the negotiation of any particular codec - codec negotiation is left to the two endpoints. Only codecs that are supported on the Cisco Unified Border Element can be passed between the two call legs.
Q. What is codec filtering?
A. The Cisco Unified Border Element supports codec filtering, a mechanism designed to force a call to select a specific codec from a list of codecs. You can enable codec filtering by restricting codecs advertised on outbound call legs. For example, you can restrict high-bandwidth codecs on the re-origination side of the outbound dial peer of the gateway.
Q. How are packets transferred from one call leg to the other?
A. RTP packets are fast-switched through the Cisco Unified Border Element. The payload is neither examined nor modified, but the header information, such as source IP address, is updated.
Q. Does the Cisco Unified Border Element affect voice or video quality?
A. The effect on quality is minimal because no encoding or decoding is required. The average media latency is only minimally increased, by about 2 milliseconds (ms).

The Cisco Unified Border Element setup with Registration, Admission, and Status (RAS) signaling adds about 25 ms of post-dial delay (under a call load of 500). This number is derived from a 5-ms delay for each passed-along call-setup message.

Q. How might the Cisco Unified Border Element affect packet QoS markings, and why would we use it?
A. You can configure the Cisco Unified Border Element to change quality-of-service (QoS) packet marking (IP Precedence or Differentiated Services Code Point [DSCP]) of RTP packets. This remarking allows the existing QoS policies of the different network to remain unchanged, and the Cisco Unified Border Element itself can map between these networks to provide the appropriate level of prioritization on both sides of the network.
Q. Does the Cisco Unified Border Element pass along Compressed RTP (cRTP)?
A. The Cisco Unified Border Element supports cRTP. All cRTP traffic is decompressed on the ingress interface before it is switched through the router; then it is recompressed on the egress interface if cRTP is configured on the egress interface.
Q. Does the Cisco Unified Border Element support standard Cisco vendor-specific attributes (VSAs)?
A. Yes. The Cisco Unified Border Element supports all the standard VSAs currently available on Cisco IP-to-TDM gateways.
Q. Can the Cisco Unified Border Element handle unified communications and data traffic simultaneously?
A. Yes. CPU performance must be engineered to allow for all types of traffic flowing through the router.
Q. Does the Cisco Unified Border Element support interactive voice response (IVR)?
A. The Cisco Unified Border Element can work with Tool Command Language (Tcl) IVR scripts or VoiceXML applications to provide IVR capabilities to call legs. A basic single-stage call using a Tcl script is supported (session.tcl). Custom scripts that use IVR verbs (to play a prompt or collect digits, for example) are also supported. Tcl scripts that result in call flows, such as call transfer or hunting, are not supported.

Bearer Capabilities

Q. Does the Cisco Unified Border Element support in-band DTMF (not DTMF Relay) on SIP trunks?
A. Yes, the Cisco Unified Border Element supports in-band tones in G.711 on unified communications SIP trunks, and can convert these in-band tones to RFC 2833 DTMF Relay for interoperability with the rest of the network.
Q. Does the Cisco Unified Border Element support early media-to-delayed media conversion for SIP-to-SIP calls?
A. Yes.
Q. When are DSPs needed on the Cisco Unified Border Element?
A. Access to DSPs is needed when the Cisco Unified Border Element performs transcoding for the media stream. The DSPs can be housed physically on the same platform as Cisco Unified Border Element or on a neighboring router. It is also needed if in-band DTMF tones (non-RFC 2833) must be detected and converted to DTMF relay methods. DSPs are not needed to detect RFC 2833-encoded tones.
Q. Does the Cisco Unified Border Element support the empty capability set?
A. Yes, it transparently passes the empty capability set from one call leg to the other.
Q. Does the Cisco Unified Border Element support fax, modem, and DTMF?
A. Yes. The Cisco Unified Border Element transparently passes the following:

Fax: T.38 Fax Relay, Cisco Fax Relay, and Fax Passthrough

Modem: Modem Passthrough

DTMF: DTMF Relay: H.245 (signaling and alphanumeric), RFC 2833, SIP Notify, Skinny Client Control Protocol (SCCP) out of band (OOB), and G.711 in-band DTMF

Q. Does the Cisco Unified Border Element support translation rules and digit manipulation?
A. Yes, it has the same support for translation rules and digit manipulation on VoIP dial peers as other Cisco H.323 and SIP gateways.
Q. What is a conference ID? Does the Cisco Unified Border Element carry the same conference ID on both call legs?
A. A conference identifier is a globally unique identifier (GUID) as defined in the H.323 standard. The Cisco Unified Border Element carries the same conference ID on both call legs. All call legs that belong to a single call carry this identifier. Billing servers use the conference ID to correlate all such call legs belonging to a call. Cisco billing partners already understand and use conference ID, so there is no change in handling when it comes to the two call legs on a Cisco Unified Border Element.

Enterprises and SMBs

Q. Should a Cisco Unified Border Element be used when a unified communications SIP trunk delivers calls into an enterprise or small and medium-sized business (SMB) site?
A. Yes. A proper demarcation point should exist between the service provider network and the private (enterprise or SMB) network to provide all the manageability, security, and troubleshooting benefits that TDM PSTN gateways provide. The Cisco Unified Border Element provides many additional functions in the enterprise network that are necessary to protect your enterprise call agents and endpoints from protocol and media variations that may exist on the unified communications SIP trunk. These functions include IP address hiding, CAC, protocol signaling, media normalization (for example, in-band DTMF-to-DTMF Relay conversion), and SIP normalization (manipulation of SIP headers for different networks or policies).
Q. What versions of Cisco Unified Communications Manager have been verified with the Cisco Unified Border Element?
A. Cisco CallManager 3.0 or later and Cisco IOS Software Release 12.3(1) or later with H.323 have been verified with the Cisco Unified Border Element, in addition to Cisco Unified Communications Manager 5.x and later with Cisco IOS Software Release 12.4(6)T and later with SIP. Many specific releases of Cisco Unified Communications Manager and Cisco IOS Software have introduced specific features for both H.323 and SIP interconnectivity. Cisco Unified Communications Manager requirements for a Media Termination Point (MTP) also vary among its releases and specific call flows. Please check configuration and feature documentation on both products for specific details, as well as the Interoperability Portal for configuration examples.
Q. Can I use a unified communications SIP trunk from a provider without implementing SIP on Cisco Unified Communications Manager?
A. Yes. This benefit is one of the many that the Cisco Unified Border Element offers. Interoperability with Cisco Unified Communications Manager is possible with H.323 if the Cisco Unified Border Element terminates the SIP trunk. You can operate in this manner until it is convenient to upgrade your enterprise network to SIP signaling on the Cisco Unified Communications Manager side, and then merely change the protocol from H.323 to SIP on the Cisco Unified Border Element dial peer facing toward Cisco Unified Communications Manager.
Q. Is an MTP needed when using a Cisco Unified Border Element with Cisco Unified Communications Manager?
A. The Cisco Unified Border Element does not require MTPs. When connected to Cisco Unified Communications Manager, Cisco Unified Communications Manager may require an MTP for the specific call flow. If so, the MTP may reside on the same router platform as the Cisco Unified Border Element or on a separate router. Requirements for MTPs vary with the protocol, deployment model, and release of Cisco Unified Communications Manager used.
MTP requirements when using an H.323 trunk to Cisco Unified Communications Manager follow:

If the Cisco Unified Border Element is handling H.323-to-H.323 calls, an MTP is not mandatory if the Cisco Unified Border Element release uses Cisco IOS Software Release 12.4(6)T or later and the Cisco Unified Communications Manager is Version 4.1 or later.

An MTP can be co-resident on the same router as the Cisco Unified Border Element.

MTP requirements when using a unified communications SIP trunk to Cisco Unified Communications Manager follow:

Configure a SIP trunk without MTP if delayed media or an INVITE with no Secure Device Provisioning (SDP) is acceptable.

Configure a SIP trunk with an MTP if early media or an INVITE with SDP is a requirement (G.711 calls only).

Service Provider - Access and CPE Capabilities

Q. Can other router-based services be co-located with the Cisco Unified Border Element on managed customer-premises-equipment (CPE) devices?
A. Yes.
Q. How can I manage the Cisco Unified Border Element as a CPE device?
A. All general Cisco IOS Software router services and management interfaces such as Telnet access; Secure Shell (SSH) Protocol; Simple Network Management Protocol (SNMP); and authentication, authorization, and accounting (AAA) are available on the Cisco Unified Border Element to interface with existing router network management applications to allow for downloading and editing of configurations and service monitoring.
Q. How can I perform the lawful intercept function on the Cisco Unified Border Element?
A. Part of the Cisco Unified Border Element software, the lawful intercept function is supported on the Cisco 2851, 3825, and 3845 platforms only. If you need only the lawful intercept function, you need only the Cisco Unified Border Element software image. Refer to the Cisco Service Independent Intercept Architecture document for more information about the Cisco architecture for lawful intercept.

Call Admission Control

Q. What mechanisms of CAC do the Cisco Unified Border Element support?
A. Call Admission Control with a Cisco Unified Border Element can be provided based on total calls, CPU, memory, global IP call capacity, per dial-peer IP call capacity, global or per dial-peer call arrival rate (call spike protection), , and by using the Resource Reservation Protocol (RSVP).
Q. Can I use RSVP to provide CAC for calls through the Cisco Unified Border Element?
A. Yes, for H.323 calls. This capability is typically used to provide CAC on H.323 Inter-Cluster Trunks (ICTs) between Cisco Unified Communications Manager clusters.

Security

Q. Can the Cisco Unified Border Element perform Network Address Translation (NAT)?
A. The Cisco Unified Border Element inherently performs NAT and Port Address Translation (PAT) functions for unified communications calls because it terminates and re-originates all sessions. In this function, the Cisco Unified Border Element substitutes its own address for the address of any endpoint it communicates with, thus effectively hiding (translating) the address of that endpoint. This function is slightly different from the function of the Cisco Hosted NAT Traversal application, where typically a third address is substituted in the place of an endpoint address. Hosted NAT Traversal is also supported on the Cisco Unified Border Element.
Q. Should I use a firewall with the Cisco Unified Border Element?
A. The Cisco Unified Border Element provides many security features (including topology hiding, SIP protocol inspection, and rogue or malformed packet detection, toll-fraud protection, and encryption) for the unified communications sessions that pass through it - using an additional external firewall is supported but optional. Typically firewalls do general traffic inspection that sees all traffic coming into the network, whereas the Cisco Unified Border Element sees only H.323 or SIP traffic. If Internet traffic arrives on the same physical interface as the SIP trunk, you should use a firewall device. If you use an external firewall device, you can place it on the outside or the inside of the network with respect to the Cisco Unified Border Element, depending on your enterprise’s network security operations policies. You can also place the Cisco IOS Firewall on the same platform as the Cisco Unified Border Element to provide security protection.
Q. Can I change the default SIP listening port 5060?
A. Yes. You can configure it to any valid port number.
Q. How does the address-hiding feature appear to external devices and networks when multiple customers are involved?
A. Figure 1 illustrates a basic Cisco Unified Border Element network. From the perspective of the private, or customer, networks, the Cisco Unified Border Element appears as a single public address that must be routable on their private networks (in this case a 192.x.x.x address routable on the 10.10.x.x and 12.10.x.x networks). You should ensure that proper routing restrictions are in place at the Cisco Unified Border Element to prevent communication directly between the private networks attached to it. Note that this model works only if no overlapping address schemes are used on the customers' networks. Finally, to the hop-off gateways on the public network, all calls appear to originate from the 192.x.x.x address of the Cisco Unified Border Element and not the private addresses on the customer networks.
Figure 1. Cisco Unified Border Element Network

Q. Does the Cisco Unified Border Element support Virtual Route Forwarding (VRF)?
A. Voice VRF awareness is available as of Cisco IOS Software Release 12.4(15)T. A single VRF for voice is supported for SIP or H.323.
Q. Is Message Digest Algorithm 5 (MD5) supported with Digest Authentication?
A. Yes, the Cisco Unified Border Element response to a Digest Authentication is MD5 encrypted.
Q. Does Cisco token security work with the Cisco Unified Border Element?
A. Yes. The security features using Cisco Interzone ClearToken (IZCT) are passed through, allowing you to insert the Cisco Unified Border Element into a secure network.

TelePresence and Video

Q. Can the Cisco Unified Border Element handle video and voice traffic at the same time?
A. Yes. Video traffic is supported for H.323-H.323 and SIP-SIP connections. Voice traffic is additionally supported for H.323-SIP traffic.
Q. What video codecs does the Cisco Unified Border Element support?
A. The Cisco Unified Border Element supports H.261, H.263, and H.264.
Q. How does the Cisco Unified Border Element differ from the Cisco Multimedia Conference Manager (MCM)?
A. The Cisco Unified Border Element implements all the functions of the Cisco MCM and also includes:

H.323 v.4 support

RSVP call synchronization

Support for additional codecs for voice and video (H.264, for example)

Ability to register multiple Cisco Unified Border Elements to a single Cisco IOS Gatekeeper and load balance across them

Q. Does the Cisco Unified Border Element replace the Cisco MCM?
A. The Cisco Unified Border Element is preferred for new H.323 video network deployments. Positioning the Cisco Unified Border Element as a replacement for customers who already have Cisco MCM video networks requires planning. Customers might interpret "replacement" to mean they can simply remove the Cisco MCM and insert the Cisco Unified Border Element in its place. Refer to the “Cisco IP Videoconferencing Solution Reference Network Design Guide” for more information about network design.

Gatekeeper

Q. Can the Cisco Unified Border Element register to more than one gatekeeper?
A. No, the Cisco Unified Border Element can register with only one gatekeeper. However, more than one Cisco Unified Border Element can register to one gatekeeper.
Q. Can I use the Cisco Unified Border Element without a gatekeeper?
A. Yes. The Cisco Unified Border Element can run without a gatekeeper by configuring direct dial peers. However, running with a Cisco gatekeeper for H.323 configurations or a SIP proxy in SIP networks often results in the most scalable network design.
Q. Is a special Cisco gatekeeper image required to work with the Cisco Unified Border Element? If so, which Cisco IOS Software release is required?
A. Using a Cisco gatekeeper is highly recommended for taking full advantage of the available routing, load-balancing, and call-admission capabilities. The Cisco gatekeeper requires an IVS (INT VOICE/VIDEO, IPIP GW, TDMIP GW) or AVS (INT VOICE/VIDEO, IPIPGW, TDMIP GW AES) image with Cisco IOS Software Release 12.2(13)T or later to provide all the functions of the Cisco IOS Gatekeeper solution.
Q. What if I just want gatekeeper capabilities?
A. The Cisco IOS Gatekeeper is a Cisco IOS Software feature included with many other features in a particular Cisco IOS Software image. To obtain gatekeeper capabilities, select a Cisco IOS Software image that includes this capability and purchase a software license:

Step 1. In the Cisco IOS Software Configurator tool, select one of the following images:

INT VOICE/VIDEO GK, IPIPGW, TDMIP GW (part number S382IVS-12418)

INT VOICE/VIDEO GK, IPIPGW, TDMIP GW, AES if security features (for example, Advanced Encryption Standard [AES] encryption) is also required

Step 2. Add a feature license by selecting one of the following:

FL-CUBE-25 for up to 25 simultaneous calls

FL-INTVVSRV-XXXX for use with as many sessions as the CPU capacity of the chassis can sustain

FL-GK-XXXX if you are ordering a Cisco 2900 or 3900 Series platform

Q. What functions have been added to the Cisco gatekeeper to enable greater interoperability with the Cisco Unified Border Element?
A. The basic additions are referred to as VIA functions on the Cisco IOS Gatekeeper. The VIA functions are software enhancements to the existing Cisco gatekeeper image. With Cisco IOS Software Release 12.3(4)T and later, the Cisco gatekeeper can recognize two call legs on the same platform (Cisco Unified Border Element) and also load balance traffic across multiple Cisco Unified Border Elements, which are included (both gateways and gatekeepers) in a predefined "VIA zone".
These gatekeepers sit at the edge of the Internet Telephony Service Provider (ITSP) network and are like a VoIP transfer point, or transit zone, where VoIP traffic is channeled through on the way to the remote-zone destination. Cisco Unified Border Elements in the VIA zone terminate incoming calls and re-originate them toward their final destinations.
Additional CAC enhancements have been added to the gatekeeper image to allow the gatekeeper to recognize when a Cisco Unified Border Element is not responding, thus sending traffic to an alternate device. H.323v4 Registration, Admission, and Status (RAS) messages perform this task.
Q. Would a third-party gatekeeper work with a Cisco Unified Border Element?
A. Probably not, because third-party gatekeepers are not likely to support VIA-zone routing.
Q. Can the Cisco gatekeeper and the Cisco Unified Border Element run on the same platform?
A. Yes.
Q. Can a Cisco IOS Gatekeeper serve a VIA zone with Cisco Unified Border Elements (IP-to-IP gateways) as well as TDM-to-IP gateways?
A. Yes. You can register a TDM gateway in a different local zone, and you can also register a TDM gateway in a VIA zone. Starting with Cisco IOS Software Release 12.3(4)T, the same gatekeeper can route calls to and from the TDM gateway as well as IP-to-IP gateways (Cisco Unified Border Element).
Q. Is bandwidth management supported on the Cisco IOS Gatekeeper?
A. Yes. The Cisco IOS Gatekeeper provides the same zone bandwidth-management capabilities found in a regular Cisco gatekeeper.
Q. Can the Cisco IOS Gatekeeper load balance across multiple Cisco Unified Border Elements?
A. Yes. Given multiple Cisco Unified Border Elements registered to a single gatekeeper with equal weights, the gatekeeper load balances among them.

Licensing

Q. Is licensing for Cisco Unified Border Element and Cisco IOS Gatekeeper enforced?
A. Gatekeeper (using the gatekeeper configuration command) licensing is enforced in Cisco IOS Software as of Release 12.4(20)T. Cisco Unified Border Element (using the allow connections... configuration command) licensing is not yet enforced.
On the Cisco 2800 and 3800 Series platforms, both the Cisco IOS Gatekeeper and the Cisco Unified Border Element share the same license part numbers (FL-INTVVSRV-xxxx and FL-CUBE-xx). The Cisco 2900 and 3900 Series platforms have separate licenses for Cisco IOS Gatekeeper and Cisco Unified Border Element functions.
All Cisco IOS Gatekeeper installations on Cisco IOS Software Release 12.4.20T or later need a license installed (or the gatekeeper command-line interface [CLI] will disable after 60 days), regardless of whether it is a new install or an upgrade. If an existing Cisco IOS Gatekeeper installation is upgraded to Cisco IOS Software Release 12.4(20T) or beyond, you must download a license from the licensing website and install it on the router. More information is available here.
To obtain a Cisco IOS Gatekeeper license, do the following:

1. Get a Product Activation Key (PAK).

2. Get a License. Enter the PAK and make sure you have the serial number and product ID of the router.

Q. How do I get an evaluation Cisco IOS Gatekeeper license for a customer’s system?
A. Cisco IOS Software ships with an automatic 60-day grace period on the gatekeeper license. During that time you must obtain, download, and install a permanent gatekeeper license; otherwise the Cisco IOS Software will disable the gatekeeper CLI command on the system when the 60-day grace period expires. If you need an extension to the 60-day grace period before you can install a permanent license, please contact the Cisco TAC.