Cisco Unified Border Element (Enterprise) SIP Support Configuration Guide, Cisco IOS XE Release 3S
Hiding the Internal Topology Information Embedded Within the History-info Header at the Cisco UBE
Downloads: This chapterpdf (PDF - 1.22MB) The complete bookPDF (PDF - 4.02MB) | The complete bookePub (ePub - 806.0KB) | Feedback

Hiding the Internal Topology Information Embedded Within the History-info Header at the Cisco UBE

Hiding the Internal Topology Information Embedded Within the History-info Header at the Cisco UBE

SIP History-info stores information on address, topology and so on. Cisco UBE has the address hiding security feature where only the host section of a History-Info header is masked with the CUBE address. However, it does not hide the topology information like the details of the targets where a request was tried upon. It is important to strip the topology information from Cisco UBE before it is passed on to an external device. When the topology hiding for history-info is enabled, the diversion headers are also stripped from the history-info header. Topology information hiding has to be enabled on both inbound and outbound call legs. For example, if topology informatione is enabled only on the outbound dial-peer, this results in stripping all the History-info headers it received from the inbound leg and it sends just the single History-info header. However, on the inbound leg, all the History-info headers received from the outbound leg will be passed on to the external devices. If this feature is enabled on both inbound and outbound dialpeers, then the History-info headers will be stripped for both inbound and outbound legs of Cisco UBE.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

Restrictions for Hiding the Internal Topology Information

  • The user needs to be in the same network as the network in which the call is received.
  • Topology hiding will result in the History-Info headers received on one call leg to be stripped on the other leg and this could result in the call-routing functionality to disfunction. Hence, topology hiding and call-routing are mutually exclusive and cannot function together.

Hiding Internal Toplogy Information in History-info Header at global level

Perform this task to hide topology information in history-info header at a global level in SIP configuration (conf-serv-sip) mode.

SUMMARY STEPS

    1.    enable

    2.    configure terminal

    3.    voice service voip

    4.    sip

    5.    privacy policy strip diversion

    6.    privacy policy strip history-info

    7.    exit


DETAILED STEPS
     Command or ActionPurpose
    Step 1 enable


    Example:
    Router> enable
     

    Enters privileged EXEC mode, or other security level set by a system administrator.

    • Enter your password if prompted.
     
    Step 2 configure terminal


    Example:
    Router# configure terminal
     

    Enters global configuration mode.

     
    Step 3 voice service voip


    Example:
    Router(config)# voice service voip
     

    Enters voice service VoIP configuration mode.

     
    Step 4 sip


    Example:
    Router(conf-voi-serv)# sip
     

    Enters SIP configuration mode.

     
    Step 5 privacy policy strip diversion


    Example:
    Router(conf-serv-sip)# privacy policy strip history-info
     

    Srips the diversion headers received from the next call leg

     
    Step 6 privacy policy strip history-info


    Example:
    Router(conf-serv-sip)# privacy policy strip history-info
     

    Strips the topology information from the history-info header.

     
    Step 7 exit


    Example:
    Router(conf-serv-sip)# exit
     

    Exits the current mode.

     

    Hiding Internal Toplogy Information in History-info Header at the Dial-Peer Level

    Perform this task to hide topology information in history-info header header support at the dial-peer level, in dial peer voice configuration (config-dial-peer) mode.

    SUMMARY STEPS

      1.    enable

      2.    configure terminal

      3.    dial-peer voice tag voip

      4.    voice class sip privacy policy strip diversion

      5.    voice class sip privacy policy strip history-info

      6.    exit


    DETAILED STEPS
       Command or ActionPurpose
      Step 1 enable


      Example:
      Router> enable
       

      Enters privileged EXEC mode, or other security level set by a system administrator.

      • Enter your password if prompted.
       
      Step 2 configure terminal


      Example:
      Router# configure terminal
       

      Enters global configuration mode.

       
      Step 3 dial-peer voice tag voip


      Example:
      Router(config)# dial-peer voice 2 voip
       

      Enters dial peer VoIP configuration mode.

       
      Step 4 voice class sip privacy policy strip diversion


      Example:
      Router(config-dial-peer)# voice-class sip call-route history-info
       

      Srips the diversion headers received from the next call leg.

       
      Step 5 voice class sip privacy policy strip history-info


      Example:
      Router(conf-serv-sip)# privacy policy strip history-info
       

      Strips the topology information from the history-info header.

       
      Step 6 exit


      Example:
      Router(config-dial-peer)# exit
       

      Exits the current mode.

       

      Feature Information for Hiding Internal Topology in the History-info Header

      The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

      Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

      Feature History table for the ISR

      Table 1 Feature Information for Hiding Internal Topology in the History-info Header

      Feature Name

      Releases

      Feature Information

      Hiding the Internal Topology Information Embedded Within the History-info Header at the Cisco UBE

      15.1(2)T

      This feature enables privacy across the enterprise domain by hiding internal topology information by stripping topology information from the history-info header.

      The following command was introduced or modified: privacy policy, voice class sip privacy policy.

      Feature History table for the ASR

      Table 2 Feature Information for Hiding Internal Topology in the History-info Header

      Feature Name

      Releases

      Feature Information

      Hiding the Internal Topology Information Embedded Within the History-info Header at the Cisco UBE

      Cisco IOS XE Release 3.3S

      This feature enables privacy across the enterprise domain by hiding internal topology information by stripping topology information from the history-info header.

      The following command was introduced or modified: privacy policy, voice class sip privacy policy.