Cisco Unified Border Element (SP Edition) Configuration Guide: Unified Model
SDP Handling
Downloads: This chapterpdf (PDF - 373.0KB) The complete bookPDF (PDF - 10.42MB) | Feedback

SDP Handling

Table Of Contents

SDP Handling

Contents

Configuring SIP SDP Attribute Passthrough

Restrictions for Configuring SIP SDP Attribute Passthrough

Information about SIP SDP Attribute Passthrough

Information About Repeat SDP on 200 Invite Response

Configuring SIP SDP Attribute Passthrough

Configuring Repeat SDP on 200 INVITE Response

Example of SIP SDP Attribute Passthrough

Example of Repeat SDP on 200 INVITE Response Configuration

SIP-I Support and SIP Non-SDP Body Filtering

Prerequisites

Restrictions for SIP Non-SDP Body Filtering and SIP-I Support

Information about SIP Non-SDP Body Filtering and SIP-I Support

SIP Non-SDP Body Filtering

SIP-I Support

Non-SDP Message Body Example

Implementing SIP Non-SDP Body Filtering

Examples—SIP Non-SDP Body Filtering and SIP-I Support


SDP Handling


Cisco Unified Border Element (SP Edition) by default passes through all a= lines in SIP messages containing SDP offers and answers that it forwards. You can also configure Cisco Unified Border Element (SP Edition) to block certain a= lines, either by specifying a whitelist (a finite set of a=lines that are passed through, with all others blocked), or alternatively a blacklist (a finite set of a=lines that are blocked, with all others passed through). Additionally, user exits in the Cisco Unified Border Element (SP Edition) code base allow customers to write their own code to insert and/or strip one or more media-level a= lines when processing an offer on an answer.

The SIP-I Support feature enables Cisco Unified Border Element (SP Edition) to pass through the ISDN User Part (ISUP) parameters in Session Initiation Protocol (SIP) messages that are added by a SIP or Public Switched Telephone Network (PSTN) interworking gateway.

The SIP Non-SDP Body Filtering feature adds support for Cisco Unified Border Element (SP Edition) to process non-SDP bodies, and in particular the ISUP body using SIP-I.

Cisco Unified Border Element (SP Edition) was formerly known as Integrated Session Border Controller and may be commonly referred to in this document as the session border controller (SBC).

For a complete description of the commands used in this chapter, refer to the Cisco Unified Border Element (SP Edition) Command Reference: Unified Model at:

http://www.cisco.com/en/US/docs/ios/sbc/command/reference/sbcu_book.html.

For information about all Cisco IOS commands, use the Command Lookup Tool at http://tools.cisco.com/Support/CLILookup or a Cisco IOS master commands list.

Feature History for SDP Handling

Release
Modification

Cisco IOS XE Release 2.4

The SIP SDP Attribute Passthrough feature was introduced on the Cisco IOS XR.

Cisco IOS XE Release 2.6

The SIP-I Support and SIP Non-SDP Body Filtering features were introduced on the Cisco ASR 1000 Series Aggregation Services Routers.

Cisco IOS XE Release 3.1S

Repeat SDP on 200 Invite Response feature was added.


Contents

This chapter contains the following sections:

Configuring SIP SDP Attribute Passthrough

SIP-I Support and SIP Non-SDP Body Filtering

Configuring SIP SDP Attribute Passthrough

This section contains the following subsections:

Restrictions for Configuring SIP SDP Attribute Passthrough

Information about SIP SDP Attribute Passthrough

Information About Repeat SDP on 200 Invite Response

Configuring SIP SDP Attribute Passthrough

Configuring Repeat SDP on 200 INVITE Response

Example of SIP SDP Attribute Passthrough

Example of Repeat SDP on 200 INVITE Response Configuration

Restrictions for Configuring SIP SDP Attribute Passthrough

Review the following restrictions for SIP SDP Attribute Passthrough:

The existing reflect behavior is not supported.

Wildcard or prefix matching of attribute lines is not supported.

Distinguishing media-level from session-level a-lines for the purposes of matching is not supported.

Sophisticated matching conditions (for example, apply only to video streams or apply only to offers) are not supported.

Attribute blocking in media bypass calls is not supported.

Blocking function is restricted to unknown attributes.

The following attributes are ignored by unknown attribute policy because this may interfere with the correct operation of the SBC.

a=rtpmap

a=fmtp

a=sendonly

a=recvonly

a=inactive

a=sendrecv

a=ptime

a=mid

a=group

a=curr

a=des

a=conf

a=crypto.

At the point where the policy is applied, a (rate-limited) warning log is issued if the policy attempts to delete one of these lines.

Information about SIP SDP Attribute Passthrough

Additional per-call storage is needed to store the SDP policy that is being applied. This is expected to be ~160 bytes per call.

Information About Repeat SDP on 200 Invite Response

To support interoperation with endpoints that may require an agreed Session Description Protocol (SDP) to be resent for 200 INVITE responses, the user can configure SBC to repeat an agreed SDP, in a 200 INVITE response, when needed, after the successful provisioning of an offer-answer exchange.

This option is configured in the CAC policy for SIP calls. The default is off.

The agreed SDP answer is the SDP answer from the latest completed SDP offer/answer exchange procedure.

When Repeat SDP on 200 Invite Response is configured, the call flow is as shown in the following three figures.

Figure 23 shows the call flow for an SDP on the second reliable response.

Figure 23 Call Flow for SDP on Second Reliable Response

Figure 24 shows the call flow for an SDP on the final response.

Figure 24 Call Flow for SDP on Final Response

Figure 25 shows the call flow for no SDP on the final response.

Figure 25 Call Flow for No SDP on Final Response

See the "Configuring Repeat SDP on 200 INVITE Response" section for the configuration procedure.

See the "Example of Repeat SDP on 200 INVITE Response Configuration" section for and example configuration.

Configuring SIP SDP Attribute Passthrough

This section contains the steps for implementing SIP SDP Attribute Passthrough.


Note The caller and callee commands have been used in this procedure. In some scenarios, the branch command can be used as an alternative to the caller and callee command pair. The branch command has been introduced in Release 3.5.0. See the "Configuring Directed Nonlimiting CAC Policies" section for information about this command.


SUMMARY STEPS

1. configure

2. sbc service-name

3. sbe

4. sip sdp-match-table table-name1

5. action whitelist | blacklist

6. match-string attribute-name1

7. match-string attribute-name2

8. exit

9. sip sdp-match-table table-name2

10. action whitelist | blacklist

11. match-string attribute-name1

12. match-string attribute-name3

13. exit

14. sip sdp-policy-table table-name1

15. match-table table-name 1

16. exit

17. sip sdp-policy-table table-name2

18. match-table table-name2

19. exit

20. cac-policy-set number

21. first-cac-table table-name

22. first-cac-scope scope

23. cac-table table-name

24. table-type {policy-set | limit {list of limit tables}}

25. entry number

26. match-value value

27. action action-name

28. caller-inbound-policy policytab-name

29. caller-outbound-policy policytab-name

30. callee-inbound-policy policytab-name

31. callee-outbound-policy policytab-name

32. exit

33. exit

34. complete

35. exit

36. active-cac-policy-set number

37. end

38. show sbc service-name sbe cac-policy-set number table number entry number

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

configure

Example:

Router# configure

Enables global configuration mode.

Step 2 

sbc service-name

Example:

Router(config)# sbc mysbc

Enters the mode of an SBC service.

Use the service-name argument to define the name of the service.

Step 3 

sbe

Example:

Router(config-sbc)# sbe

Enters the mode of the signaling border element (SBE) function of the SBC.

Step 4 

sip sdp-match-table table-name

Example:
Router(config-sbc-sbe)# sip sdp-match-table 1

Adds an existing sdp-match-table into policy.

Step 5 

action whitelist/blacklist

Example:

Router(config-sbc-sbe-sdp-match-tbl)# action blacklist

Specifies an SDP policy table action.

Step 6 

match-string attribute-name1

Example:

Router(config-sbc-sbe-sdp-match-tbl)# match-string X-sqn1

Configures an SDP attribute matching string.

Step 7 

match-string attribute-name1

Example:

Router(config-sbc-sbe-sdp-match-tbl)# match-string X-sqn2

Configures an SDP attribute matching string.

Step 8 

exit

Example:

Router(config-sbc-sbe-sdp-match-tbl)# exit

Returns to the previous submode.

Step 9 

sip sdp-match-table table-name

Example:
Router(config-sbc-sbe)# sip sdp-match-table 2

Adds an existing sdp-match-table into policy.

Step 10 

action whitelist/blacklist

Example:

Router(config-sbc-sbe-sdp-match-tbl)# action blacklist

Adds an action allowing a defined set of attributes and blocking the remaining attributes.

Step 11 

match-string attribute-name1

Example:

Router(config-sbc-sbe-sdp-match-tbl)# match-string X-sqn1

Configures an SDP attribute matching string.

Step 12 

match-string attribute-name1

Example:

Router(config-sbc-sbe-sdp-match-tbl)# match-string X-sqn2

Configures an SDP attribute matching string.

Step 13 

exit

Example:

Router(config-sbc-sbe-sdp-match-tbl)# exit

Returns to the previous submode.

Step 14 

sip sdp-policy-table table-name

Example:

Router(config-sbc-sbe-sip)# sip sdp-policy-table foo

Configures an SDP policy table.

Step 15 

match-table table-name

Example:

Router(config-sbc-sbe-sdp-policy-tbl)# match-table matchtab2

Configure an SDP match table used in a policy.

Step 16 

exit

Example:

Router(config-sbc-sbe-sip-adj)# exit

Returns to the previous submode.

Step 17 

sip sdp-policy-table table-name

Example:

Router(config-sbc-sbe)# sip sdp-policy-table foo2

Configures an SDP policy table.

Step 18 

match-table table-name

Example:

Router(config-sbc-sbe-sdp-policy-tbl)# match-table matchtab3

Configure an SDP match table used in a policy.

Step 19 

exit

Example:

Router(config-sbc-sbe-sdp-policy-tbl)# exit

Returns to the previous submode.

Step 20 

cac-policy-set number

Example:

Router(config-sbc-sbe)# cac-policy-set 1

Enters the submode of CAC policy set configuration.

Step 21 

first-cac-table table-name

Example:

Router(config-sbc-sbe-cacpolicy)# first-cac-table RootCacTable

Configures the name of the first policy table to process when performing the admission control stage of policy.

Step 22 

first-cac-scope scope

Example:

Router(config-sbc-sbe-cacpolicy)# first-cac-scope src-adjacency

Configures the scope at which to begin defining limits when performing the admission control stage of policy.

Step 23 

cac-table table-name

Example:

Router(config-sbc-sbe-cacpolicy)# cac-table RootCacTable

Creates or configures an admission control table.

Step 24 

table-type {policy-set | limit {list of limit tables}}

Example:

Router(config-sbc-sbe-cacpolicy-cactable)# table-type limit call-priority

Configures the table type of a CAC table within the context of an SBE policy set.

list of limit tables can be one of the following values:

account—Compare the name of the account.

adj-group—Compare the name of the adjacency group.

adjacency—Compare the name of the adjacency.

all—No comparison type. All events match this type.

call-priority—Compare with call priority.

category—Compare the number analysis assigned category.

dst-account—Compare the name of the destination account.

dst-adj-group—Compare the name of the destination adjacency group.

dst-adjacency—Compare the name of the destination adjacency.

dst-prefix—Compare the beginning of the dialed digit string.

event-type—Compare with CAC policy event types.

src-account—Compare the name of the source account.

src-adj-group—Compare the name of the source adjacency group.

src-adjacency—Compare the name of the source adjacency.

src-prefix—Compare the beginning of the calling number string.

Features can be enabled or disabled per adjacency group through CAC configuration the same way this is done per individual adjacencies. The adj-group table type matches on either source or destination adjacency group.

Step 25 

entry number

Example:

Router(config-sbc-sbe-cacpolicy-cactable)# entry 1

Creates or modifies an entry in a table.

Step 26 

match-value key

Example:

Router(config-sbc-sbe-cacpolicy-cactable-entry)# match-value immediate

Configures the match-value of an entry in a CAC Limit table. It is only relevant for Limit table types.

The key argument is a string or a keyword based on the table type. The format of the key is determined by the Limit table type (for example, Limit event-type tables or Limit call-priority tables).

For Limit event-type tables (table-type limit event-type), the match value string options are the following:

call-update—Compare the beginning of the calling number string.

endpoint-reg—Compare the name of the destination adjacency.

new-call—Compare the beginning of the dialed digit string.

For Limit call-priority tables (table-type limit call-priority), the match value string options are the following:

critical—Match calls with resource priority 'critical'.

flash—Match calls with resource priority 'flash'.

flash-override—Match calls with resource priority 'flash-override'.

immediate—Match calls with resource priority 'immediate'.

priority—Match calls with resource priority 'priority'.

routine—Match calls with resource priority 'routine'.

For all other Limit tables, enter a name or digit string

WORD—Name or digit string to match. (Max Size 255).

Step 27 

action action-name

Example:

Router(config-sbc-sbe-cacpolicy-cactable-entry)# action cac-complete

Specifies the action to take if this entry is chosen.

Step 28 

caller-inbound-policy policytab-name

Example:

Router(config-sbc-sbe-cacpolicy-cactable-entry)# caller-inbound-policy policytab1

Configures a caller inbound SDP policy table.

Step 29 

caller-outbound-policy policytab-name

Example:

Router(config-sbc-sbe-cacpolicy-cactable-entry)# caller-outbound-policy policytab1

Configures a caller outbound SDP policy table.

Step 30 

callee-inbound-policy policytab-name

Example:

Router(config-sbc-sbe-cacpolicy-cactable-entry)# callee-inbound-policy policytab2

Configures a callee inbound SDP policy table.

Step 31 

callee-outbound-policy policytab-name

Example:

Router(config-sbc-sbe-cacpolicy-cactable-entry)# callee-outbound-policy policytab2

Configures a callee outbound SDP policy table.

Step 32 

exit

Example:

Router(config-sbc-sbe-cacpolicy-cactable-entry)# exit

Returns to the previous submode.

Step 33 

exit

Example:

Router(config-sbc-sbe-cacpolicy-cactable)# exit

Returns to the previous submode.

Step 34 

complete

Example:

Router(config-sbc-sbe-cacpolicy)# complete

Performs a consistency check on the CAC policy set.

Step 35 

exit

Example:

Router(config-sbc-sbe-cacpolicy)# exit

Returns to the previous submode.

Step 36 

active-cac-policy-set number

Example:

Router(config-sbc-sbe)# active-cac-policy-set 1

Enters the active CAC policy set.

Step 37 

end

Example:

Router(config-sbc-sbe)# end

Exits SBE mode and enters Privileged EXEC mode.

Step 38 

show sbc service-name sbe cac-policy-set number table number entry number

Example:

Router# do show sbc interwork sbe cac-policy-set 1 table 1 entry 1

Displays detailed information for a given entry in a CAC policy table.

Configuring Repeat SDP on 200 INVITE Response

Use the following procedure to configure SBC to send a repeat SDP on 200 INVITE responses.

SUMMARY STEPS

1. config

2. sbc sbc-name

3. sbe

4. cac-policy-set policy-set-id

5. cac-table table-name

6. table-type policy-set

7. entry entry-id

8. sdp repeat answer

9. end

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

config

Example:

Router# config

Enters global configuration mode.

Step 2 

sbc sbc-name

Example:

Router(config)# sbc SBC1

Creates the SBC service on Cisco Unified Border Element (SP Edition) and enters into SBC configuration mode.

Step 3 

sbe

Example:

Router(config-sbc)# sbe

Enters the mode of the signaling border element (SBE) function of the SBC.

Step 4 

cac-policy-set policy-set-id

Example:

Router(config-sbc-sbe)# cac-policy-set 1

Enters the mode of CAC policy set configuration within an SBE entity, creating a new policy set if necessary.

policy-set-id—Integer chosen by the user to identify the policy set. The range is 1 to 2147483647.

Step 5 

cac-table table-name

Example:

Router(config-sbc-sbe-cacpolicy)# cac-table testSecure

Enters the mode for configuration of an admission control table (creating one if necessary) within the context of an SBE policy set.

table-name—Name of the admission control table.

Step 6 

table-type policy-set

Example:

Router(config-sbc-sbe-cacpolicy-cactable)# table-type policy-set

Configures the table type of a CAC table within the context of an SBE policy set.

Step 7 

entry entry-id

Example:

Router(config-sbc-sbe-cacpolicy-cactable)# entry 1

Enters the mode to modify an entry in an admission control table.

entry-id—Specifies the table entry.

Step 8 

sdp repeat answer

Example:
Router(config-sbc-sbe-cacpolicy-cactable-entry)
# sdp repeat answer 

Configures SBC to repeat an agreed Session Description Protocol (SDP), in a 200 INVITE response, after the successful provisioning of an offer-answer exchange when needed.

Step 9 

end

Example:

Router(config-sbc-sbe-cacpolicy-cactable-entry) # end

Exits configuration mode and returns to privileged EXEC mode.

Example of SIP SDP Attribute Passthrough

This section provides a sample configuration and output for SIP SDP Attribute Passthrough.


Note The caller and callee commands have been used in this procedure. In some scenarios, the branch command can be used as an alternative to the caller and callee command pair. The branch command has been introduced in Release 3.5.0. See the "Configuring Directed Nonlimiting CAC Policies" section for information about this command.


Router# config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# sbc interwork
Router(config-sbc)# sbe
Router(config-sbc-sbe)# sip sdp-match-table matchtab1
Router(config-sbc-sbe-sdp-match-tbl)# action blacklist
Router(config-sbc-sbe-sdp-match-tbl)# match-string X-sqn
Router(config-sbc-sbe-sdp-match-tbl)# match-string X-cap
Router(config-sbc-sbe-sdp-match-tbl)# exit
Router(config-sbc-sbe)# sip sdp-match-table matchtab2
Router(config-sbc-sbe-sdp-match-tbl)# action blacklist
Router(config-sbc-sbe-sdp-match-tbl)# match-string X-sqn
Router(config-sbc-sbe-sdp-match-tbl)# match-string X-pc-csuites-rtp
Router(config-sbc-sbe-sdp-match-tbl)# exit
Router(config-sbc-sbe)# sdp-policy-table policytab1
Router(config-sbc-sbe-sdp-policy-tbl)# match-table matchtab1
Router(config-sbc-sbe-sdp-policy-tbl)# exit
Router(config-sbc-sbe)# sip sdp-policy-table policytab2
Router(config-sbc-sbe-sdp-policy-tbl)# match-table matchtab2
Router(config-sbc-sbe-sdp-policy-tbl)# exit
Router(config-sbc-sbe)# cac-policy-set 1
Router(config-sbc-sbe-cacpolicy)# first-cac-table 1
Router(config-sbc-sbe-cacpolicy)# first-cac-scope global
Router(config-sbc-sbe-cacpolicy)# cac-table 1
Router(config-sbc-sbe-cacpolicy-cactable)# table-type limit src-adjacency 
Router(config-sbc-sbe-cacpolicy-cactable)# entry 1
Router(config-sbc-sbe-cacpolicy-cactable-entry)# match-value sipp1
Router(config-sbc-sbe-cacpolicy-cactable-entry)# action cac-complete 
Router(config-sbc-sbe-cacpolicy-cactable-entry)# caller-inbound-policy policytab1
Router(config-sbc-sbe-cacpolicy-cactable-entry)# caller-outbound-policy policytab1
Router(config-sbc-sbe-cacpolicy-cactable-entry)# callee-inbound-policy policytab2
Router(config-sbc-sbe-cacpolicy-cactable-entry)# callee-outbound-policy policytab2
Router(config-sbc-sbe-cacpolicy-cactable-entry)# exit
Router(config-sbc-sbe-cacpolicy-cactable)# exit
Router(config-sbc-sbe-cacpolicy)# complete 
Router(config-sbc-sbe-cacpolicy)# exit
Router(config-sbc-sbe)# active-cac-policy-set 1 

This section provides a sample configuration and output for SIP SDP Attribute Passthrough.

Router(config-sbc-sbe)# do show sbc interwork sbe cac-policy-set 1 table 1 entry 1
SBC Service "interwork"
Policy set 1 table 1 entry 1
  Match value               sipp1
  Action                    CAC policy complete
  Max calls                 Unlimited
  Max call rate             Unlimited
  Max in-call rate          Unlimited
  Max out-call rate         Unlimited
  Max registrations         Unlimited
  Max reg. rate             Unlimited
  Max bandwidth             Unlimited
  Max channels              Unlimited
  Transcoder                Allowed
  Caller privacy setting    Never hide
  Callee privacy setting    Never hide
  Early media               Allowed
  Early media direction     Both
  Early media timeout       0
  Restrict codecs to list   default
  Restrict caller codecs to list   default
  Restrict callee codecs to list   default
  Media bypass              Allowed
  SRTP Transport            Not Set
  Callee hold setting       Standard
  Caller hold setting       Standard
  Number of calls rejected by this entry    0
  Caller inbound SDP policy                 policytab1
  Caller outbound SDP policy                policytab1
  Callee inbound SDP policy                 policytab2
  Callee outbound SDP policy                policytab2

Example of Repeat SDP on 200 INVITE Response Configuration

The following example shows how to configure SBC to send a repeat SDP on 200 INVITE responses.

Router# config t 
Router(config)# sbc mySBC
Router(config-sbc)# sbe
Router(config-sbc-sbe)# cac-policy-set 1
Router(config-sbc-sbe-cacpolicy)# cac-table cac-tbl-1
Router(config-sbc-sbe-cacpolicy-cactable)# table-type policy-set
Router(config-sbc-sbe-cacpolicy-cactable)# entry 1
Router(config-sbc-sbe-cacpolicy-cactable-entry)# sdp repeat answer

SIP-I Support and SIP Non-SDP Body Filtering

This section contains the following subsections:

Prerequisites

Restrictions for SIP Non-SDP Body Filtering and SIP-I Support

Information about SIP Non-SDP Body Filtering and SIP-I Support

Configuring SIP SDP Attribute Passthrough

Examples—SIP Non-SDP Body Filtering and SIP-I Support

Prerequisites

The following prerequisite is required to implement SIP Non-SDP Body Filtering and SIP-I Support:

Before implementing SIP Non-SDP Body Filtering and SIP-I Support, Cisco Unified Border Element (SP Edition) must already be configured. See the procedures described in Chapter  "."

Restrictions for SIP Non-SDP Body Filtering and SIP-I Support

The following restrictions and limitations apply to SIP Non-SDP Body Filtering and SIP-I Support:

If dual tone multifrequency (DTMF) interworking is enabled for a call, the INFO messages containing a DTMF digit may not pass through.

The SBC does not support Secure Multipurpose Internet Mail Extensions (S/MIME) encryption or decryption. While the SBC may allow encrypted bodies to pass through, it does not modify them.

In compliance with Section 8.2.1.1 of RFC 3398, the SBC does not support a From header without a username.

The total size of the MIME bodies and associated header allowed to pass through is limited to approximately 1000 bytes. The final size allowed depends on the structure of the headers and MIME bodies and should not exceed 2000 bytes.

The SBC may not preserve the original order of MIME bodies and may insert the SDP as the first body part.

This feature does not work in conjunction with H.323.

Since the SBC considers BYE requests on a hop-by-hop basis, it does not pass any information using a BYE response it received.

The SBC allows the user=phone URI parameter on the Request-URI to pass through.

The SBC may alter the MIME boundary of a message.

Information about SIP Non-SDP Body Filtering and SIP-I Support

The following sections provide information about the SIP Non-SDP Body Filtering feature and the SIP-I Support feature.

SIP Non-SDP Body Filtering

The SIP Non-SDP Body Filtering feature adds support for Cisco Unified Border Element (SP Edition) to process non-SDP bodies, and in particular the ISUP body using SIP-I. The SBC can pass through, strip out, or reject non-SDP bodies. The message body of a SIP message is described using header fields such as Content-Disposition, Content-Encoding, and Content-Type, which provide information about the body. SBC uses a body profile that you create and associate to filter non-SDP bodies from incoming and outgoing SIP messages, based on the Content-Type header field. A body profile allows a message containing a specific non-SDP body to take one of the following actions:

To be passed (without altering the message)

To be stripped of the body (and pass the rest of the message)

To be rejected

SBC uses the `handling' parameter in the message to decide whether to strip the body or reject the message.

Like any other SIP profile, such as a method profile, you need to first create a body profile. Then you can associate the body profile to cause the body profile to take action on incoming and outgoing SIP messages that fall under the SBE mode, or adjacency mode, or method profile mode.

You can create a body profile:

Using the sip body-profile {profile_name} command under the SBE mode.

The body command and action (body) command are used in conjunction with the sip body-profile command. The body command names a body type or content header type for a non-SDP message body. The action (body) command sets the action to take on a body type in a SIP body profile.

After creating a body profile, you can associate the body profile at the following levels and configuration modes:

At the SIP signaling entity level (ingress or egress), under SBE mode, using the sip default body-profile [[inbound | outbound] {profile_name}] command. The body profile is associated for the entire signaling instance (that is all messages, either ingress or egress, passing through the SBC.)

At the SIP adjacency level, under SIP adjacency mode, using the body-profile [[inbound | outbound] {profile_name}] command. The body profile is associated to an adjacency.

At the SIP method profile level, under method profile mode, using the body-profile {profile_name} command. The body profile is associated to a method profile.

SIP-I Support

The SIP-I Support feature enables Cisco Unified Border Element (SP Edition) to pass through the ISDN User Part (ISUP) parameters in Session Initiation Protocol (SIP) messages that are added by a SIP or Public Switched Telephone Network (PSTN) interworking gateway. ISUP is a call control protocol used in SS7 networks primarily for setting up and tearing down telephone calls and for maintenance of the network.

SIP-I is an approach defined by ITU-T Q.1912.5. SIP-I provides an approach for interworking SIP networks and the traditional, circuit-based ISDN User Part (ISUP) networks. SIP-I provides a method for passing through ISUP-specific header parameters through a SIP network so that calls that originate and terminate on the circuit-based ISUP network can cross a SIP network with no loss of information.

SIP-I allows transparent passthrough of ISUP parameters through a SIP network by attaching a copy of the ISUP message to the SIP message at the incoming PSTN gateway. The ISUP message appears as a non-SDP message body on the SIP message. SIP-I has a mechanism to indicate the presence of ISUP (based on Content-Type header) and if the ISUP is mandatory or can be passed through, depending on the Content-Disposition header. The SBC passes through the ISUP message body without coding or decoding the ISUP message.

The mapping between SIP and ISUP protocols is carried out by the Media Gateway Controller (MGC). In the SBC, the ISUP parameters can be carried in the SIP Request-Uniform Resource Identifier (URI) or the SIP message body.

Cisco Unified Border Element (SP Edition) supports the following SIP-I and profile functions:

Application or SDP is processed on INVITE, UPDATE, and PRACK requests and their responses.

Application or DTMF-info is processed on INFO to allow DTMF tones to pass through.

The NOTIFY messages on message or SIP-frag is analyzed to find out whether it indicates that a subscription or refer dialog is to be terminated.

Non-SDP Message Body Example

The following is an example of a non-SDP message body; the SIP message body is not shown in detail for brevity's sake. The non-SDP body present in the example is of type "application/resource-lists+xml":

INVITE sip:conf-fact@example.com SIP/2.0
      Content-Type: multipart/mixed;boundary="boundary1"
      Content-Length: 617
 
   
      --boundary1
      Content-Type: application/sdp
 
   
      v=0
      o=alice 2890844526 2890842807 IN IP4 atlanta.example.com
      s=-
      c=IN IP4 192.0.2.1
      t=0 0
      m=audio 20000 RTP/AVP 0
      a=rtpmap:0 PCMU/8000
      m=video 20002 RTP/AVP 31
      a=rtpmap:31 H261/90000
 
   
      --boundary1
      Content-Type: application/resource-lists+xml
      Content-Disposition: recipient-list
 
   
      <?xml version="1.0" encoding="UTF-8"?>
      <resource-lists xmlns="urn:ietf:params:xml:ns:resource-lists"
        <list>
          <entry uri="sip:bill@example.com"/>
          <entry uri="sip:randy@example.net"/>
          <entry uri="sip:joe@example.org"/>
        </list>
      </resource-lists>
      --boundary1--

Implementing SIP Non-SDP Body Filtering

The follow steps describe a sample configuration where a body profile is created with a particular body type and action to take on that body type and then the body profile is associated at the SIP signaling level.

SUMMARY STEPS

1. configure terminal

2. sbc service-name

3. sbe

4. sip body-profile {profile_name}

5. body {WORD}

6. action [pass | nopass | strip | reject]

7. exit

8. exit

9. sip default body-profile [[inbound | outbound] {profile_name}

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

configure terminal

Example:

Router# configure terminal

Enables global configuration mode.

Step 2 

sbc service-name

Example:

Router(config)# sbc mysbc

Enters the mode of an SBC service.

Use the service-name argument to define the name of the service.

Step 3 

sbe

Example:

Router(config-sbc)# sbe

Enters the mode of the signaling border element (SBE) function of the SBC.

Step 4 

sip body-profile {profile_name}

Example:

Router(config-sbc-sbe)# sip body-profile bodyprofile1

Creates a body profile to filter non-SDP bodies from incoming and outgoing SIP messages. Enters SBE SIP Body configuration mode.

Step 5 

body {WORD}

Example:

Router(config-sbc-sbe-sip-body)# body application/ISUP

This command describes the body type or content header type for SBC to act on messages with the specified body type or content header type. Enters SBE SIP Body Element configuration mode.

The body name must be in the form of <media-type>/<media-sub-type>, for example, application/ISUP. The body name field is case-insensitive.

Asterisk (*) is used to match all non-SDP body types. Note that * is also interpreted as a string by the CLI, and is just a token used to indicate wild-card match.

The following Content-Type descriptions are not allowed: application/sdp and multipart/mixed

In the example, the command describes the body type that is to act on messages with Content-Type header "application/ISUP."

Step 6 

action [pass | nopass | strip | reject]

Example:

Router(config-sbc-sbe-sip-body-ele)# action strip

Sets the action to take on a body type in a SIP body profile for a non-SDP message body.

pass—Instructs the SBC to pass through the body type of the non-SDP message body.

nopass—Uses the handling parameter in the message to determine whether to strip the body or reject the entire message with error code 415 (Unsupported media type).

strip—Strips the body and passes the rest of the message.

reject—Rejects the entire message with an error code.

Step 7 

exit

Example:

Router(config-sbc-sbe-sip-body-ele)# exit

Exits SBE SIP Body Element configuration mode.

Step 8 

exit

Example:

Router(config-sbc-sbe-sip-body)# exit

Exits SBE SIP Body configuration and enters SBE configuration mode.

Step 9 

sip default body-profile [[inbound | outbound] {profile_name}

Example:

Router(config-sbc-sbe)# sip default body-profile inbound bodyprofile1

Associates the body profile at the SIP signaling level, for the entire signaling instance (that is all messages, either ingress or egress, passing through the SBC).

Examples—SIP Non-SDP Body Filtering and SIP-I Support

The following is a configuration example of SIP Non-SDP Body Filtering:

 
   
sbc foo
    sbe
        sip body-profile profile1
            body application/ISUP 
                    action strip
            body application/QSIG 
                    action reject
                    hunt-on-reject
            body *
                    action reject
 
   
                               
        sip body-profile profile2
            description test-profile
	        body application/ISUP 
                 action nopass
            body application/QSIG 
                 action pass
	
	   sip body-profile profile3
            body application/ISUP 
                 action nopass
            body application/QSIG 
                 action pass
 
   
 
   
        sip default body-profile inbound profile1
        sip default body-profile outbound profile2
 
   
        sip method-profile default     !- pre-provisioned
                                       ! "default" method profile
                                       !- used at sbe level
            method INVITE
              body-profile profile1
 
   
       sip method-profile mp1          !-create a new method
                                       ! profile used in adj
            method INVITE
              body-profile profile2
  
       sip method-profile mp2          !-create a new method 
                                       ! profile used in adj
            method REGISTER
              body-profile profile1
  				                
        adjacency sip adj-1
            body-profile inbound profile2
            body-profile outbound profile1   

The following example displays all the non-SDP message body profiles in use:

Router# show sbc mySBC sbe sip body-profile
 
   
Name                 In Use
 
   
profile1             Yes
profile2             Yes
profile3             No
 
   
 
   

The following example displays the details of the specified non-SDP message body profile named "profile2":

Router# show sbc mySBC sbe sip body-profile profile2
 
   
Name          :            profile2
Description   :            test-profile
 
   
Element       :            application/ISUP
Action        :            nopass
 
   
Hunt-on-reject:            false
 
   
Element       :            application/QSIG
Action        :            pass
Hunt-on-reject:            false