Cisco 7600 シリーズ ルータ セッション ボーダ コン トローラ コンフィギュレーション ガイド
Cisco 7600 シリーズ ルータ でのエンドツー エンド SBC の設定例
Cisco 7600 シリーズ ルータでのエンドツーエンド SBC の設定例
発行日;2012/01/30 | 英語版ドキュメント(2010/04/20 版) | ドキュメントご利用ガイド | ダウンロード ; この章pdf , ドキュメント全体pdf (PDF - 9MB) | フィードバック

目次

Cisco 7600 シリーズ ルータでのエンドツーエンド SBC の設定例

Cisco 7600 シリーズ ルータでのエンドツーエンド SBC の設定例

ここでは、Cisco 7600 シリーズ ルータの完全な Session Border Controller(SBC; セッション ボーダ コントローラ)設定を示します。

 
7600-101-UUT1# show run
Building configuration...
 
Current configuration : 5863 bytes
!
upgrade fpd auto
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service internal
service counters max age 10
!
hostname 7600-101-UUT1
!
boot-start-marker
boot system disk0:c7600s72033-adventerprisek9-mz.122-32.8.109.SR
boot device module 3 disk0:c76-sbck9-mzg.devtest_26NOV07.bin
boot device module 4 disk0:c76-sbck9-mzg.devtest_26NOV07.bin
boot-end-marker
!
vrf definition vpn1
rd 55:1111
!
address-family ipv4
exit-address-family
!
vrf definition vpn2
rd 55:1112
!
address-family ipv4
exit-address-family
!
enable password cisco
!
no aaa new-model
svclc multiple-vlan-interfaces
svclc module 3 vlan-group 100,200,300,400,500 svclc module 4 vlan-group 100,200,300,400,500 svclc vlan-group 100 23 svclc vlan-group 200 88 svclc vlan-group 300 172 svclc vlan-group 400 99 svclc vlan-group 500 77 ip subnet-zero !
!
no ip domain lookup
ip host abrick 172.20.211.35
!
!
!
!
vtp domain sbc
vtp mode transparent
mls ip multicast flow-stat-timer 9
mls flow ip interface-full
no mls flow ipv6
no mls acl tcam share-global
mls cef error action reset
multilink bundle-name authenticated
!
!
spanning-tree mode pvst
spanning-tree extend system-id
diagnostic cns publish cisco.cns.device.diag_results diagnostic cns subscribe cisco.cns.device.diag_commands !
redundancy
main-cpu
auto-sync running-config
mode sso
!
vlan internal allocation policy ascending vlan access-log ratelimit 2000 !
vlan 23,77,88,99
!
!
interface Loopback0
ip address 1.101.1.1 255.255.255.255
!
interface GigabitEthernet1/1
description ''Connected to CAT-3550-101 Fa 0/7''
ip address 100.101.11.2 255.255.255.0
ip router isis
!
interface GigabitEthernet1/2
description ''Connected to CAT-3550-101 Fa 0/8''
ip address 100.101.21.2 255.255.255.0
ip router isis
!
interface GigabitEthernet1/3
description ''Connected to CAT-3550-101 Fa 0/13 vlan919''
vrf forwarding vpn1
ip address 10.122.3.3 255.255.255.0
!
interface GigabitEthernet1/4
description ''Connected to CAT-3550-101 Fa 0/14 vlan920''
vrf forwarding vpn2
ip address 10.122.4.3 255.255.255.0
!
interface GigabitEthernet1/5
no ip address
shutdown
!!
interface GigabitEthernet5/2
description ''Connected to CAT-3550-101 FA0/3 ip address 172.20.212.14 255.255.255.0 media-type rj45 !
interface GigabitEthernet6/1
no ip address
shutdown
!
interface GigabitEthernet6/2
description ''Connected to CAT-3550-101 FA 0/4''
no ip address
media-type rj45
!
interface Vlan1
no ip address
shutdown
!
interface Vlan23
no ip address
logging event link-status
logging event nfas-status
!
interface Vlan77
vrf forwarding vpn2
ip address 77.101.1.1 255.255.255.0
!
interface Vlan88
ip address 88.101.1.1 255.255.255.0
ip router isis
logging event link-status
logging event nfas-status
!
interface Vlan99
vrf forwarding vpn1
ip address 99.101.1.1 255.255.255.0
!
router isis
net 50.0101.0001.0101.0001.00
!
ip classless
ip route 171.0.0.0 255.0.0.0 172.20.212.1 ip route 172.0.0.0 255.0.0.0 172.20.212.1 !
!
no ip http server
no ip http secure-server
!
access-list 1 deny 200.200.200.149
access-list 1 permit any
!
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
line vty 0 4
exec-timeout 0 0
password cisco
login
transport input lat pad mop udptn telnet rlogin ssh nasi acercon !
scheduler runtime netinput 300
!
end
 
7600-101-UUT1#
 
 
ACE Configuration
=================
 
ACE-101-UUT1-2/Admin# show run
Generating configuration....
 
 
login timeout 0
hostname ACE-101-UUT1-2
boot system image:c76-sbck9-mzg.devtest_26NOV07.bin
 
 
 
clock timezone standard BST
 
 
 
timeout xlate 2147483
 
interface vlan 88
ip address 88.101.1.3 255.255.255.0
alias 88.101.1.100 255.255.255.0
peer ip address 88.101.1.2 255.255.255.0
no shutdown
 
ft interface vlan 23
ip address 23.23.23.11 255.255.255.0
peer ip address 23.23.23.10 255.255.255.0
no shutdown
 
ft peer 1
heartbeat interval 300
heartbeat count 10
ft-interface vlan 23
query-interface vlan 88
ft group 1
peer 1
priority 125
peer priority 225
associate-context Admin
inservice
 
ip route 100.0.0.0 255.0.0.0 88.101.1.1
ip route 10.0.0.0 255.0.0.0 88.101.1.1
ip route 200.200.200.0 255.255.255.0 88.101.1.1
 
context vpn1
allocate-interface vlan 99
context vpn2
allocate-interface vlan 77
ft group 2
peer 1
priority 60
peer priority 70
associate-context vpn1
inservice
ft group 3
peer 1
priority 60
peer priority 70
associate-context vpn2
inservice
username admin password 5 $1$faXJEFBj$TJR1Nx7sLPTi5BZ97v08c/ role Admin domain default-domain username www password 5 $1$UZIiwUk7$QMVYN1JASaycabrHkhGcS/ role Admin domain de fault-domain
 
sbc SBC-CONFIG-SAMPLE
sbe
sbe
media-gateway ipv4 200.200.207.101
codecs m=audio 1234 RTP/AVP 2 8 0 18,a=rtpmap:2 G726-32/8000,a=rtpmap:8 PCMA/8000,a=rtpmap:0 PCMU/8000,a=rtpmap:18 G729/8000
transcoder
control address h248
index 0
ipv4 88.101.1.100
port 2944
transport udp
sip method-profile default
pass-body
adjacency sip SIP-GW-1A
nat force-off
preferred-transport udp
redirect-mode pass-through
authentication nonce timeout 300
signaling-address ipv4 88.101.1.100
signaling-port 5060
remote-address ipv4 10.122.1.2 255.255.255.255
signaling-peer 10.122.1.2
signaling-peer-port 5060
dbe-location-id 4294967295
account SIP-CUSTOMER-1
reg-min-expiry 3000
attach
adjacency sip SIP-GW-1B
nat force-off
preferred-transport udp
redirect-mode pass-through
authentication nonce timeout 300
signaling-address ipv4 88.101.1.100
signaling-port 5060
remote-address ipv4 10.122.2.2 255.255.255.255
signaling-peer 10.122.2.2
signaling-peer-port 5060
dbe-location-id 4294967295
account SIP-CUSTOMER-2
reg-min-expiry 3000
attach
sip inherit profile preset-standard-non-ims
 
retry-limit 3
 
call-policy-set 1
first-call-routing-table ROUTE-ON-DEST-NUM
rtg-dst-address-table ROUTE-ON-DEST-NUM
entry 1
action complete
dst-adjacency SIP-GW-1B
match-address 6661
prefix
entry 2
action complete
dst-adjacency SIP-GW-1A
match-address 7771
prefix
complete
active-call-policy-set 1
 
sip max-connections 2
sip timer
tcp-idle-timeout 120000
tls-idle-timeout 3600000
udp-response-linger-period 32000
udp-first-retransmit-interval 500
udp-max-retransmit-interval 4000
invite-timeout 180
h323
ras timeout arq 5000
ras retry arq 2
ras timeout brq 3000
ras retry brq 2
ras timeout drq 3000
ras retry drq 2
ras timeout grq 5000
ras retry grq 2
ras timeout rrq 3000
ras retry rrq 2
ras rrq ttl 60
ras timeout urq 3000
ras retry urq 1
h225 timeout proceeding 10000
h225 timeout establishment 180000
h225 timeout setup 4000
ras rrq keepalive 45000
h323
adjacency timeout 30000
 
blacklist
global
redirect-limit 2
deact-mode normal
dbe
media-address ipv4 77.101.1.100 vrf vpn2
media-address ipv4 88.101.1.100
media-address ipv4 99.101.1.100 vrf vpn1
media-timeout 90
deact-mode normal
activate