Table Of Contents

Media Address Pools

Contents

Prerequisites—Implementing Media Address Pools

Restrictions for Configuring Media Address Pools

Media Address Pools

DBE Signaling Pinhole

Restrictions for DBE Signaling Pinhole

Configuring Media Address Pools

Configuring Media Address Pools Example

Media Address Pools

---

You can configure the Session Border Controller (SBC) with a single media address or a range of media addresses. In addition you can define one or more permissible port ranges for the configured addresses. This feature allows the administrator to configure or restrict the data border element (DBE) address by address pool with or without port range, and define class of service (CoS) affinity for each port range.

---

Note For ACE SBC Release 3.0.00, this feature is supported in both the unified model and the distributed model.

---

For a complete description of commands used in this chapter, refer to Chapter 39, "Cisco Session Border Controller Commands." To locate documentation for other commands that appear in this chapter, use the command reference master index, or search online.

Feature History for Media Address Pools

Release	Modification
ACE SBC Release 3.1.00	Added support for DBE signaling pinhole.
ACE SBC Release 3.0.00	Added support for SBC unified model.
ACE SBC Release 2.0.00	This feature was introduced on the Cisco 7600 series router.

Contents

This module contains the following sections:

•Prerequisites—Implementing Media Address Pools

•Restrictions for Configuring Media Address Pools

•Media Address Pools

•Configuring Media Address Pools

•Configuring Media Address Pools Example

Prerequisites—Implementing Media Address Pools

The following prerequisites are required to implement media address pools:

•On the Application Control Engine Module (ACE), you must be an Admin user to enter SBC commands. For more information, see the Application Control Engine Module Administration Guide at http://www.cisco.com/en/US/products/hw/modules/ps2706/products_configuration_guide_book09186a00806838f4.html

•Before implementing media address pools, you must create a static route. For more information, see Configuring a Static Route, page 2-8.

---

Note Creating a static route will fail if the remote peer is on the same VLAN as the interface VLAN of the media address.

---

•Before implementing media address pools, the SBC must already be created. See the procedures described in Chapter 2, "ACE Configuration Prerequisites for the SBC".

Restrictions for Configuring Media Address Pools

The restrictions for configuring media address pools are:

•The ending address must be numerically higher than the starting address.

•The minimum port must be numerically lower than the maximum port.

•Port ranges may not overlap.

•Address ranges may not overlap.

•Address ranges and single addresses may not overlap.

•Where a range of addresses are defined in a single command, they will share any port ranges assigned. If there is a requirement to have different port ranges for different media addresses, then the addresses must be configured separately.

•Media addresses and port ranges may only be deleted before the DBE is activated. After DBE activation, the DBE must be deactivated in order to delete addresses and port ranges.

•After you configure media addresses and pools of addresses, you cannot delete them unless you delete the DBE.

Media Address Pools

If you do not specify a port range, all possible VoIP port numbers are valid. The full VoIP port range extends from 16384 to 32767 inclusive.

You can define a CoS affinity for each port range. The set of CoS is consistent with those used for Quality of Service (QoS) packet marking, and consists of voice and video. If you do not define an associated CoS affinity, then the affinity is for all call types.

You can modify the extent of existing port ranges or the CoS affinities of existing port ranges or delete an existing port range. Any configuration changes do not apply to existing calls but apply to calls being set up after the configuration has been committed.

DBE Signaling Pinhole

You can also configure a media address pool for signaling pinholes by selecting the signaling class of service. The DBE creates application-level pinholes to allow the DBE to forward signaling packets to the SBE. Normal IP forwarding is disabled on the SBC interfaces of the DBE to prevent packets reaching the provider network through the pinholes.

Signaling pinholes are configured in the same way as media pinholes over H.248. They can be differentiated from media pinholes by session descriptions as defined in the Session Description Protocol (SDP) in the local and remote descriptors. The "m=application" line indicates that the termination is a signaling pinhole.

The DBE forwards only traffic that is received on a configured pinhole. The packet must be addressed to a VPN, address, and port. A received packet is linked to a pinhole on the basis of the address/port and VRF Name it was received on. The source address/port are then checked against those configured for the pinhole. Any traffic received on an SBC interface for which no pinhole can be found is dropped.

The DBE does IP relay for TCP or UDP data. The DBE rewrites information within the IP and UDP or TCP headers. It does not update any other parts of the forwarded packets.

Signaling pinholes are given the same fault-tolerance protection as media pinholes so that the backup device can take over forwarding of the signaling traffic in the event of a failure of the primary device.

The DBE allows overlapped local address for signaling pinholes; that is, an SBE is allowed to specify the same local IP address and local port for different signaling pinholes. However, either the transport protocol or VRF name must be different in this case so that the local IP address, port, transport protocol, and VRF name combination are unique for the media or signaling pinhole.

Restrictions for DBE Signaling Pinhole

The following restrictions apply to a DBE Signaling Pinhole:

•IPv6 is not supported.

•Stream Control Transmission Protocol (SCTP) is not supported.

•Domain name in the connection line of the SDP is not supported.

•CLI enabling or disabling is not supported..

•Media down indications are not supported. (DBE signaling pinholes will not be timed out and are only closed when done so explicitly by the MGC.)

Configuring Media Address Pools

This section contains the steps for configuring media address pools.

SUMMARY STEPS

1. configure

2. sbc service-name

3. dbe

4. media-address pool ipv4 A.B.C.D E.F.G.H

or

media-address pool ipv4 A.B.C.D E.F.G.H port-range min-port max-port any

or

media-address pool ipv4 A.B.C.D E.F.G.H port-range min-port max-port signaling

or

media-address pool ipv4 A.B.C.D E.F.G.H port-range min-port max-port video

or

media-address pool ipv4 A.B.C.D E.F.G.H port-range min-port max-port voice

or

media-address pool ipv4 A.B.C.D E.F.G.H vrf vrf-name

or

media-address pool ipv4 A.B.C.D E.F.G.H vrf vrf-name port-range min-port max-port any

or

media-address pool ipv4 A.B.C.D E.F.G.H vrf vrf-name port-range min-port max-port signaling

or

media-address pool ipv4 A.B.C.D E.F.G.H vrf vrf-name port-range min-port max-port video

or

media-address pool ipv4 A.B.C.D E.F.G.H vrf vrf-name port-range min-port max-port voice

5. end

6. show services sbc service-name dbe addresses

DETAILED STEPS

	Command or Action	Purpose
Step 1	configure Example: host1/Admin# config	Enables global configuration mode.
Step 2	sbc service-name Example: host1/Admin(config)# sbc test	Enters the mode of an SBC service. Use the service-name argument to define the name of the SBC.
Step 3	dbe Example: host1/Admin(config-sbc)# dbe	Enters the mode of the DBE function of the SBC.
Step 4	media-address pool ipv4 A.B.C.D E.F.G.H Example: host1/Admin(config-sbc-dbe)# media-address pool ipv4 10.10.10.1 10.10.10.20	Creates a pool of sequential IPv4 media addresses that can be used by the DBE as local media addresses.
	or
	media-address pool ipv4 A.B.C.D E.F.G.H port-range min-port max-port any Example: host1/Admin(config-sbc-dbe)# media-address pool ipv4 10.10.10.1 10.10.10.20 port-range 16384 30000 any	Creates a pool of sequential IPv4 media addresses that can be used by the DBE as local media addresses where the class of service for the port range is any class of service.
	or
	media-address pool ipv4 A.B.C.D E.F.G.H port-range min-port max-port signaling Example: host1/Admin(config-sbc-dbe)# media-address pool ipv4 10.10.10.10 10.10.10.20 port-range 5000 6000 signaling	Configures a media address pool for a signaling pinhole that can be used by the DBE as local media addresses.
	or
	media-address pool ipv4 A.B.C.D E.F.G.H port-range min-port max-port video Example: host1/Admin(config-sbc-dbe)# media-address pool ipv4 10.10.10.1 10.10.10.20 port-range 16384 30000 video	Creates a pool of sequential IPv4 media addresses that can be used by the DBE as local media addresses where the class of service for the port range is video.
	or
	media-address pool ipv4 A.B.C.D E.F.G.H port-range min-port max-port voice Example: host1/Admin(config-sbc-dbe)# media-address pool ipv4 10.10.10.1 10.10.10.20 port-range 16384 30000 voice	Creates a pool of sequential IPv4 media addresses that can be used by the DBE as local media addresses where the class of service for the port range is voice.
	or
	media-address pool ipv4 A.B.C.D E.F.G.H vrf vrf-name Example: host1/Admin(config-sbc-dbe)# media-address pool ipv4 21.21.21.10 21.21.21.19 vrf vpn1	Creates a pool of sequential IPv4 media addresses for an IPv4 address associated with a specific VPN routing and forwarding (VRF) instance that can be used by the DBE as local media addresses.
	or
	media-address pool ipv4 A.B.C.D E.F.G.H vrf vrf-name port-range min-port max-port any Example: host1/Admin(config-sbc-dbe)# media-address pool ipv4 21.21.21.10 21.21.21.19 vrf vpn2 port-range 10000 10099 any	Creates a pool of sequential IPv4 media addresses for an IPv4 address associated with a specific VRF instance that can be used by the DBE as local media addresses where the class of service for the port range is any class of service.
	or
	media-address pool ipv4 A.B.C.D E.F.G.H vrf vrf-name port-range min-port max-port signaling Example: host1/Admin(config-sbc-dbe)# media-address pool ipv4 21.21.21.10 21.21.21.19 vrf vpn2 port-range 10000 10099 any	Creates a pool of sequential IPv4 media addresses for an IPv4 address associated with a specific VRF instance that can be used by the DBE as local media addresses where the class of service for the port range is signaling.
	or
	media-address pool ipv4 A.B.C.D E.F.G.H vrf vrf-name port-range min-port max-port video Example: host1/Admin(config-sbc-dbe)# media-address pool ipv4 21.21.21.10 21.21.21.19 vrf vpn3 port-range 10000 10099 video	Creates a pool of sequential IPv4 media addresses for an IPv4 address associated with a specific VRF instance that can be used by the DBE as local media addresses where the class of service for the port range is video.
	or
	media-address pool ipv4 A.B.C.D E.F.G.H vrf vrf-name port-range min-port max-port voice Example: host1/Admin(config-sbc-dbe)# media-address pool ipv4 21.21.21.10 21.21.21.19 vrf vpn4 port-range 10000 10099 voice	Creates a pool of sequential IPv4 media addresses for an IPv4 address associated with a specific VRF instance that can be used by the DBE as local media addresses where the class of service for the port range is voice.
Step 5	end Example: host1/Admin(config-sbc-dbe)# end	Returns to EXEC mode.
Step 6	show services sbc dbe addresses Example: host1/Admin# show services sbc dmsbc-node9 dbe address	Lists the addresses configured on DBEs.

Configuring Media Address Pools Example

This section provides sample configurations for media address pools.

This example shows the creation of a static route for the media pool address.

At the supervisor:

Router(config)# ip route 87.87.29.8 255.255.255.248 87.87.29.100 

! 

At the ACE:

host1/Admin(config)# interface vlan 87

host1/Admin(config-if)# ip address 87.87.29.2 255.255.255.0

host1/Admin(config-if)# alias 87.87.29.100 255.255.255.0

host1/Admin(config-if)# peer ip address 87.87.29.3 255.255.255.0

host1/admin(config-if)# no shutdown

host1/Admin(config)# sbc test 

Router//Admin(config-sbc)# dbe

host1/Admin(config-sbc-dbe)# media-address pool 87.87.29.8 87.87.29.15

The following sample script adds a single address (10.10.10.1), and two ranges of addresses (10.10.11.1 through 10.10.11.10 and 10.10.11.21 through 10.10.11.30) to the default media address pool.

Two port ranges are configured on the single address. The first port range is for voice traffic, and runs from port 16384 to 20000 inclusively. The second one is for video traffic, and runs from port 20001 to 65535 inclusively.

The first range of addresses also has two similar port ranges configured that apply to all ten addresses within the range.

The second range of addresses has a single port range defined, and no service class associated with it.

host1/Admin(config)# sbc test 

Router//Admin(config-sbc)# dbe 

host1/Admin(config-sbc-dbe)# media-address ipv4 10.10.10.1 port-range 16384 20000 voice 

host1/Admin(config-sbc-dbe)# media-address ipv4 10.10.10.1 port-range 20001 65535 video 

host1/Admin(config-sbc-dbe)# media-address pool ipv4 10.10.11.1 10.10.11.10 port-range 
16384 30000 voice 

host1/Admin(config-sbc-dbe)# media-address pool ipv4 10.10.11.1 10.10.11.10 

port-range 30001 40000 video 

host1/Admin(config-sbc-dbe)# media-address pool ipv4 10.10.11.21 10.10.11.30 port-range 
20000 40000 any