SIP Renegotiation
The Cisco Unified Border Element (SP Edition) supports two Session Initiation Protocol (SIP) renegotiation related features:
The Delta Renegotiation feature determines which SIP renegotiation mode will be used by the session border controller (SBC) when renegotiating media: Delta Renegotiation or Make-Before-Break Renegotiation.
- Support Renegotiated Call Over NAT
The Support Renegotiated Call Over NAT feature allows you to ensure that pinholes are preserved for deleted streams so that if the stream is re-enabled, Cisco Unified Border Element (SP Edition) will re-use the same pinhole.
These features significantly reduce the situations in which media ports change mid-call, which provides interoperability and Network Address Translation (NAT) traversal benefits.
Note
For Cisco IOS XE Release 2.4, the Delta Renegotiation and Support Renegotiated Call Over NAT features are supported in the unified model only.
Cisco Unified Border Element (SP Edition) was formerly known as Integrated Session Border Controller and may be commonly referred to in this document as the session border controller (SBC).
For a complete description of the commands used in this chapter, refer to the Cisco Unified Border Element (SP Edition) Command Reference: Unified Model at:
http://www.cisco.com/en/US/docs/ios/sbc/command/reference/sbcu_book.html.
For information about all Cisco IOS commands, use the Command Lookup Tool at http://tools.cisco.com/Support/CLILookup or a Cisco IOS master commands list.
Feature History for SIP Renegotiation
|
|
Cisco IOS XE Release 2.4 |
The Delta Renegotiation and Support Renegotiated Call Over NAT features were introduced on the Cisco IOS XR along with support for the unified model. |
Contents
This module contains the following sections:
Restrictions for Delta Renegotiation
The restrictions for Delta Renegotiation are:
- When Delta Renegotiation mode is in use, stream statistics and Secure Device Provisioning (SDP) billing information will be output at call termination, not at Delta Renegotiation.
- When Delta Renegotiation mode is in use, the following precepts apply:
–
Renegotiation may cause a change in the Differentiated Services Code Point (DSCP) marking policy.
–
The port range depends on the initial incarnation of the stream.
- Under certain scenarios, if the Cisco Unified Border Element (SP Edition) fails over while a Delta Renegotiation is in progress, media resources (such a pinholes and bandwidth allowances) may be unnecessarily allocated.
Information About Delta Renegotiation
The Delta Renegotiation feature determines which SIP renegotiation mode will be used by the Cisco Unified Border Element (SP Edition) when renegotiating media:
When the Cisco Unified Border Element (SP Edition) performs a Delta Renegotiation, it retains the existing media pinholes and modifies their variables. Delta Renegotiation mode is used for SIP/H.323 interworked calls and for IP Multimedia Subsystem (IMS) calls.
- Make-Before-Break Renegotiation mode
When the Cisco Unified Border Element (SP Edition) performs a Make-Before-Break Renegotiation, it creates new pinholes with the proposed media properties, then removes the pre-existing pinholes when the renegotiation completes. These new pinholes temporarily exist in parallel with the existing (old) media pinholes. When the renegotiation completes, Cisco Unified Border Element (SP Edition) deletes the old media pinholes, leaving just the new ones. (Or, if the renegotiation fails, it rolls back to the old state by deleting the new pinholes.)
Delta Renegotiation mode is the default SIP renegotiation mode for all SIP-to-SIP negotiations on the Cisco Unified Border Element (SP Edition) with the following exceptions:
If the renegotiation changes the address family from IPv4 to IPv6, or vice versa, a new media address is required, and therefore Make-Before-Break Renegotiation mode will be used.
If the renegotiation causes a call to switch between media bypass and non-media bypass mode, the endpoints will perceive a change in the media address, and therefore Make-Before-Break Renegotiation mode will be used.
Restriction for Support Renegotiated Call Over NAT
The restriction for the Support Renegotiated Call Over NAT feature is:
- Stream statistics and SDP billing information will be output at call termination, not at Delta Renegotiation.
Information About Support Renegotiated Call Over NAT
The Support Renegotiated Call Over NAT feature allows you to ensure that media pinholes are preserved for deleted streams so that if a stream is re-enabled, the Cisco Unified Border Element (SP Edition) will re-use the same pinhole.
This feature is used to avoid de-allocation of a video pinhole in a NAT scenario where Delta Renegotiation mode is in effect and a video transmission is paused. Although the standard SDP protocol when a video transmission is paused is to set the video stream to “a=inactive” (which indicates that SBC should keep the stream allocated), there are known devices that do not set the video stream to “a=inactive” to pause it. Instead, these devices delete the video stream by setting its port to 0. To ensure that the stream remains allocated and the pinhole is preserved even when the SBC receives a port value of 0 during a media stream renegotiation, you can enable the Support Renegotiated Call Over NAT feature.
Use the media address preserve command to enable the Support Renegotiated Call Over NAT feature on a per-call basis.
Configuring Support Renegotiated Call Over NAT
This section contains the steps to configure the Support Renegotiated Call Over NAT feature, which preserves media pinholes for deleted streams on a per-call basis.
SUMMARY STEPS
1.
configure
2.
sbc service-name
3.
sbe
4.
cac-policy-set policy-set-id
5.
first-cac-table table-name
6.
cac-table table-name
7.
table-type { policy-set | limit { list of limit tables }}
8.
entry entry-id
9.
cac-scope {list of scope options}
10.
[no] media address preserve
11.
action cac complete
12.
complete
13.
active-cac-policy set policy-set-id
14.
show sbc service-name sbe cac-policy-set policy-set-id table table-name entry entry-id
DETAILED STEPS
|
|
|
Step 1 |
configure
Router# configure |
Enables global configuration mode. |
Step 2 |
sbc service-name
Router(config)# sbc mysbc |
Enters the mode of an SBC service.
- Use the service-name argument to define the name of the service.
|
Step 3 |
sbe
Router(config-sbc)# sbe |
Enters the mode of an SBE entity within an SBC service. |
Step 4 |
cac-policy-set policy-set-id
Router(config-sbc-sbe)# cac-policy-set 1 |
Enters the mode of CAC policy set configuration within an SBE entity, creating a new policy set if necessary. |
Step 5 |
first-cac-table table-name
Router(config-sbc-sbe-cacpolicy)# first-cac-table 1 |
Configures the name of the first policy table to process when performing the admission control stage of policy. |
Step 6 |
cac-table table-name
Router(config-sbc-sbe-cacpolicy)# cac-table 1 |
Enters the mode for configuration of an admission control table (creating one if necessary) within the context of an SBE policy set. |
Step 7 |
table-type {policy-set | limit {list of limit tables}}
Router(config-sbc-sbe-cacpolicy-cactable)# table-type policy-set |
Configures the table type of a CAC table within the context of an SBC policy set. list of limit tables can be one of the following values:
- account —Compare the name of the account.
- adj-group —Compare the name of the adjacency group.
- adjacency —Compare the name of the adjacency.
- all —No comparison type. All events match this type.
- call-priority —Compare with call priority.
- category —Compare the number analysis assigned category.
- dst-account —Compare the name of the destination account.
- dst-adj-group —Compare the name of the destination adjacency group.
- dst-adjacency —Compare the name of the destination adjacency.
- dst-prefix —Compare the beginning of the dialed digit string.
- event-type —Compare with CAC policy event types.
- src-account —Compare the name of the source account.
- src-adj-group —Compare the name of the source adjacency group.
- src-adjacency —Compare the name of the source adjacency.
- src-prefix —Compare the beginning of the calling number string.
Features can be enabled or disabled per adjacency group through CAC configuration the same way this is done per individual adjacencies. The adj-group table type matches on either source or destination adjacency group. When the policy-set keyword is specified, use the cac-scope command to configure the scope within each entry at which limits are applied in a CAC Policy Set table. |
Step 8 |
entry entry-id
Router(config-sbc-sbe-cacpolicy-cactable)# entry 1 |
Enters the mode to create or modify an entry in an admission control table. |
Step 9 |
cac-scope { list of scope options }
Router(config-sbc-sbe-cacpolicy-cactable-entry)# cac-scope src-adjacency |
Choose a scope at which CAC limits are applied within each entry in a Policy Set table. list of scope options— Specifies one of the following strings used to match events:
- account—Events that are from the same account.
- adjacency—Events that are from the same adjacency.
- adj-group—Events that are from members of the same adjacency group.
- call—Scope limits are per single call.
- category—Events that have same category.
- dst-account—Events that are sent to the same account.
- dst-adj-group—Events that are sent to the same adjacency group.
- dst-adjacency—Events that are sent to the same adjacency.
- dst-number—Events that have the same destination.
- global—Scope limits are global
- src-account—Events that are from the same account.
- src-adj-group—Events that are from the same adjacency group.
- src-adjacency—Events that are from the same adjacency.
- src-number—Events that have the same source number.
|
Step 10 |
media address preserve
Router(config-sbc-sbe-cacpolicy-cactable-entry)# media address preserve |
Ensures that media pinholes are preserved (disabled) for deleted streams.
- [no] —Allows media pinholes to be deleted for deleted streams.
|
Step 11 |
action cac-complete
Router(config-sbc-sbe-cacpolicy-cactable-entry)# action cac complete |
When an event matches, this CAC policy is complete. |
Step 12 |
complete
Router(config-sbc-sbe-cacpolicy)# complete |
Completes the CAC policy set when you have committed the full set. |
Step 13 |
active cac-policy-set policy-set-id
Router(config-sbc-sbe)# active cac-policy-set 1 |
Sets the active CAC policy set within an SBE entity. |
Step 14 |
show sbc service-name sbe cac-policy-set policy-set-id table table-name entry entry-id
Router# show sbc mysbc sbe cac-policy-set 1 table 1 entry 1 |
Lists detailed information for a given entry in a CAC policy table, including whether the Support Renegotiated Call Over NAT feature is enabled. When this feature is enabled, the “Media Address” field shows a value of “Preserve.” |
Configuration Example—Support Renegotiated Call Over NAT
The following example enables the Support Renegotiated Call Over NAT feature described in this chapter on a per-call basis
The following example shows detailed output for the CAC policy set 1, table 1, entry 1, including the “Media Address” field that shows a value of “Preserve,” indicating the Support Renegotiated Call Over NAT feature is enabled
Router# show sbc mysbc sbe cac-policy-set 1 table 1 entry 1
Policy set 1 table 1 entry 1
Max in-call rate Unlimited
Max out-call rate Unlimited
Max registrations Unlimited
Caller privacy setting Never hide
Callee privacy setting Never hide
Early media direction Both
Restrict codecs to list default
Restrict caller codecs to list default
Restrict callee codecs to list default
SRTP Transport Trusted-Only (by default)
Callee hold setting Standard
Caller hold setting Standard
Number of calls rejected by this entry 0