Guest

Networking Software (IOS & NX-OS)

Hiding the Internal Topology Information Embedded Within the History-info Header at the Cisco UBE

  • Viewing Options

  • PDF (57.0 KB)
  • Feedback
Hiding the Internal Topology Information Embedded Within the History-info Header at the Cisco UBE

Table Of Contents

Hiding the Internal Topology Information Embedded Within the History-info Header at the Cisco UBE

Restrictions for Hiding the Internal Topology Information Embedded Within the History-info Header at the Cisco UBE

Hiding Internal Toplogy Information in History-info Header at global level

Hiding Internal Toplogy Information in History-info Header at the Dial-Peer Level


Hiding the Internal Topology Information Embedded Within the History-info Header at the Cisco UBE

SIP History-info stores information on address, topology and so on. Cisco UBE has the address hiding security feature where only the host section of a History-Info header is masked with the CUBE address. However, it does not hide the topology information like the details of the targets where a request was tried upon. It is important to strip the topology information from Cisco UBE before it is passed on to an external device. When the topology hiding for history-info is enabled, the diversion headers are also stripped from the history-info header. Topology information hiding has to be enabled on both inbound and outbound call legs. For example, if topology informatione is enabled only on the outbound dial-peer, this results in stripping all the History-info headers it received from the inbound leg and it sends just the single History-info header. However, on the inbound leg, all the History-info headers received from the outbound leg will be passed on to the external devices. If this feature is enabled on both inbound and outbound dialpeers, then the History-info headers will be stripped for both inbound and outbound legs of Cisco UBE.

Restrictions for Hiding the Internal Topology Information Embedded Within the History-info Header at the Cisco UBE

The user needs to be in the same network as the network in which the call is received.

Topology hiding will result in the History-Info headers received on one call leg to be stripped on the other leg and this could result in the call-routing functionality to disfunction. Hence, topology hiding and call-routing are mutually exclusive and cannot function together.

This section contains the following procedures:

Hiding Internal Toplogy Information in History-info Header at global level

Hiding Internal Toplogy Information in History-info Header at the Dial-Peer Level

Hiding Internal Toplogy Information in History-info Header at global level

Perform this task to hide topology information in history-info header at a global level in SIP configuration (conf-serv-sip) mode.

SUMMARY STEPS

1. enable

2. configure terminal

3. voice service voip

4. sip

5. privacy policy strip diversion

6. privacy policy strip history-info

7. exit

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

enable

Example:

Router> enable

Enters privileged EXEC mode, or other security level set by a system administrator.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

voice service voip

Example:
Router(config)# voice service voip

Enters voice service VoIP configuration mode.

Step 4 

sip

Example:
Router(conf-voi-serv)# sip

Enters SIP configuration mode.

Step 5 

privacy policy strip diversion

Example:
Router(conf-serv-sip)# privacy policy strip 
history-info

Srips the diversion headers received from the next call leg

Step 6 

privacy policy strip history-info

Example:
Router(conf-serv-sip)# privacy policy strip 
history-info

Strips the topology information from the history-info header.

Step 7 

exit

Example:

Router(conf-serv-sip)# exit

Exits the current mode.

Hiding Internal Toplogy Information in History-info Header at the Dial-Peer Level

Perform this task to hide topology information in history-info header header support at the dial-peer level, in dial peer voice configuration (config-dial-peer) mode.

SUMMARY STEPS

1. enable

2. configure terminal

3. dial-peer voice tag voip

4. voice class sip privacy policy strip diversion

5. voice class sip privacy policy strip history-info

6. exit

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

enable

Example:

Router> enable

Enters privileged EXEC mode, or other security level set by a system administrator.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

dial-peer voice tag voip

Example:
Router(config)# dial-peer voice 2 voip

Enters dial peer VoIP configuration mode.

Step 4 

voice class sip privacy policy strip diversion

Example:

Router(config-dial-peer)# voice-class sip call-route history-info

Srips the diversion headers received from the next call leg.

Step 5 

voice class sip privacy policy strip history-info

Example:
Router(conf-serv-sip)# privacy policy strip 
history-info

Strips the topology information from the history-info header.

Step 6 

exit

Example:

Router(config-dial-peer)# exit

Exits the current mode.