- Preface
-
- Configuring the Cisco Application Control Engine
- Configuring the Cisco TelePresence Multipoint Switch
- Configuring the Cisco Router with IVR
- Configuring Cisco Unified Communications Manager
- Configuring Cisco TelePresence Manager
- Configuring Cisco Session Border Controllers
- Configuring Cisco TelePresence MSE 8000 Series
- Configuring Internet Group Management Protocol for Multicast Support
- Glossary
Configuring Cisco Session Border Controllers
This section describes the Cisco TelePresence Exchange System configuration requirements for the session border controller (SBC) functionality.
This section includes the following topics:
•Creating a Session Border Controller Interface
•Creating a Management Interface
•Configuring the Signaling Border Element
The procedures in this section assume that a Cisco Aggregation Series Router (Cisco ASR) serves as an SBC, and that the router is installed and active in the network. See the Release Notes for the Cisco TelePresence Exchange System document for information about the Cisco routers that support SBC functionality. The document is available at http://www.cisco.com/go/ctx-relnotes.
For more information about configuring the SBC on the Cisco ASR, see the Cisco Unified Border Element (SP Edition) Configuration Guide: Unified Model document at http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/sbcu/2_xe/sbcu_2_xe_book.html.
For more details on the commands shown in the configuration commands below, see the Cisco Unified Border Element (SP Edition) Command Reference: Unified Model document at http://www.cisco.com/en/US/docs/ios/sbc/command/reference/sbcu_book.html.
Note Cisco Unified Border Element (SP Edition) was formerly known as Integrated Session Border Controller and may be referenced in this document as the session border controller (SBC).
Creating a Session Border Controller Interface
You must create an SBC interface for each SBC module in the Cisco ASR and assign at least one primary IP address to the interface.
Procedure
To configure the SBC interface, do the following procedure:
The following example shows how to create an SBC interface and assign primary and secondary IP addresses and subnet masks:
Router(config)# interface sbc 1
Router(config-if)# ip address 10.22.141.100 255.255.255.248
Router(config-if)# ip address 10.22.141.101 255.255.255.248 secondary
Router(config-if)# ip address 10.22.141.102 255.255.255.248 secondary
Creating a Management Interface
You must define at least one management interface on the Cisco ASR for Telnet and SSH remote access.
Procedure
To define a management interface, do the following procedure:
The following example shows how to configure a management interface:
Router(config)# interface GigabitEthernet 0/0/0
Router(config-if)# ip address 10.22.139.84 255.255.255.224
Router(config-if)# negotiation auto
Creating the SBC Instance
To configure the signaling border element (SBE) and data border element (DBE) on the SBC, you first create an SBC instance.
Procedure
To create the SBC instance, do the following procedure:
The following example shows how to create the SBC instance and enable secure media pass through:
Router(config)# sbc mmsbc
Router(config-sbc)# sbe
Router(config-sbc-sbe)# secure-media
Configuring the Signaling Border Element
You configure the signaling border element (SBE) to enable SIP signaling functionality such as header and method profiles, adjacencies, call admission control policies, route tables and blacklists.
SBE configuration is described in the following sections:
Configuring Default Profiles
Procedure
To configure the default profiles on the SBE, do the following procedure:
The following example shows how to define default header and method profiles:
Router(config)# sbc mmsbc
Router(config-sbc)# sbe
Router(config-sbc-sbe)# sip-header profile default
Router(config-sbc-sbe-sip-hdr-prf)# header Allow entry 1
Router(config-sbc-sbe-sip-hdr-prf-ent)# action pass
Router(config-sbc-sbe-sip-hdr-prf)# header Reason entry 1
Router(config-sbc-sbe-sip-hdr-prf-ent)# action pass
Router(config-sbc-sbe-sip-hdr-prf)# header SERVER entry 1
Router(config-sbc-sbe-sip-hdr-prf-ent)# action pass
Router(config-sbc-sbe-sip-hdr-prf)# header DIVERSION entry 1
Router(config-sbc-sbe-sip-hdr-prf-ent)# action pass
Router(config-sbc-sbe-sip-hdr-prf)# header Allow-Events entry 1
Router(config-sbc-sbe-sip-hdr-prf-ent)# action pass
Router(config-sbc-sbe-sip-hdr-prf)# header session-expiry entry 1
Router(config-sbc-sbe-sip-hdr-prf-ent)# action pass
Router(config-sbc-sbe-sip-hdr-prf)# header Session-Expires entry 1
Router(config-sbc-sbe-sip-hdr-prf-ent)# action pass
Router(config-sbc-sbe-sip-hdr-prf)# header RESOURCE-PRIORITY entry 1
Router(config-sbc-sbe-sip-hdr-prf-ent)# action pass
Router(config-sbc-sbe)# sip method-profile default
Router(config-sbc-sbe-sip-mth)# pass-body
Router(config-sbc-sbe-sip-mth)# method INFO
Router(config-sbc-sbe-sip-mth)# action pass
Router(config-sbc-sbe-sip-mth)# method REFER
Router(config-sbc-sbe-sip-mth)# action pass
Router(config-sbc-sbe-sip-mth)# method INVITE
Router(config-sbc-sbe-sip-mth)# action pass
Router(config-sbc-sbe-sip-mth)# method NOTIFY
Router(config-sbc-sbe-sip-mth)# action pass
Router(config-sbc-sbe-sip-mth)# method OPTION
Router(config-sbc-sbe-sip-mth)# action pass
Router(config-sbc-sbe-sip-mth)# method UPDATE
Router(config-sbc-sbe-sip-mth)# action pass
Router(config-sbc-sbe-sip-mth)# method SUBSCRIBE
Router(config-sbc-sbe-sip-mth)# action pass
Router(config-sbc-sbe)# sip-option profile default
Router(config-sbc-sbe-sip-opt)# option TIMER
Router(config-sbc-sbe-sip-opt)# option REPLACES
Router(config-sbc-sbe-sip-opt)# exit
Creating Adjacencies
An adjacency represents a signaling relationship with a remote call agent. The adjacency defines protocol-specific parameters as well as admission control and routing policy. Each incoming call is matched to an adjacency, and each outgoing call is routed out over an adjacency.
You need to create adjacencies between the SBE and the following network elements:
•Cisco Application Control Engine
•Hosted Cisco Unified Communications Manager
•Both Cisco TelePresence Exchange System call engines
Also, you need to create an adjacency for each remote SP to which we provide interconnect service.Procedure
To create an adjacency, do the following procedure:
The following example shows how to create an adjacency between the SBE and the Cisco ACE:
Router(config)# sbc mmsbc
Router(config-sbc)# sbe
Router(config-sbc-sbe)# adjacency sip SBC-ACE
Router(config-sbc-sbe-adj-sip)# nat force-off
Router(config-sbc-sbe-adj-sip)# hunting-trigger 408 500 503
Router(config-sbc-sbe-adj-sip)# preferred-transport tcp
Router(config-sbc-sbe-adj-sip)# signaling-address ipv4 10.22.141.100
Router(config-sbc-sbe-adj-sip)# statistics-setting summary
Router(config-sbc-sbe-adj-sip)# signaling-port port-num 5060
Router(config-sbc-sbe-adj-sip)# remote-address ipv4 10.22.141.98 255.255.255.255
Router(config-sbc-sbe-adj-sip)# signaling-peer 10.22.141.98
Router(config-sbc-sbe-adj-sip))# attach
The following example shows how to create an adjacency between the SBC and the Unified CM and how to define a call admission control policy for the SBE:
Router(config)# sbc mmsbc
Router(config-sbc)# sbe
Router(config-sbc-sbe)# adjacency sip UNCM-SBC
Router(config-sbc-sbe-adj-sip)# nat force-off
Router(config-sbc-sbe-adj-sip)# hunting-trigger 408 500 503
Router(config-sbc-sbe-adj-sip)# preferred-transport tcp
Router(config-sbc-sbe-adj-sip)# signaling-address ipv4 10.22.141.100
Router(config-sbc-sbe-adj-sip)# signaling-port port-num 5060
Router(config-sbc-sbe-adj-sip)# remote-address ipv4 10.22.139.70 255.255.255.255
Router(config-sbc-sbe-adj-sip)# signaling-peer 10.22.139.70
Router(config-sbc-sbe-adj-sip)# attach
Configuring CAC Policy
You need to define call admission control (CAC) policy to instruct the SBC to ignore the media bandwidth fields in the session description protocol (SDP) messages.
Procedure
To define a CAC policy, do the following procedure:
|
|
|
---|---|---|
Step 1 |
Router(config-sbc-sbe)#
cac-policy-set policy-set-id
|
Creates a new CAC policy set for the SBE. The new CAC policy set is empty until you define additional parameters for the policy. |
Step 2 |
Router(config-sbc-sbe-cacpolicy)#
first-cac-table table-name
|
Defines the first policy table to process when performing the admission control stage of policy. |
Step 3 |
Router(config-sbc-sbe-cacpolicy)# cac-table table-name |
Creates an admission control table for the CAC policy set created in Step 1. |
Step 4 |
Router(config-sbc-sbe-cacpolicy -cactable)# table-type policy set |
Configures the CAC table type. Policy set specifies that the event is applied to all entries in the table. |
Step 5 |
Router(config-sbc-sbe-cacpolicy
-cactable)# entry entry-id
|
Creates an entry in the CAC table. |
Step 6 |
Router(config-sbc-sbe-cacpolicy -cactable-entry)# media bandwidth-fields ignore |
Sets the media flag to ignore the media bandwidth fields (b-line) in the session description protocol (SDP) messages. The SBC will use the CODEC value in the SDP message to calculate the baseline bandwidth required for the media stream. |
Step 7 |
Router(config-sbc-sbe-cacpolicy -cactable-entry)# action cac-complete |
Configures the action to perform after this entry in the CAC table. The cac-complete keyword specifies that no further action is required for this CAC policy. |
Step 8 |
Router(config-sbc-sbe-cacpolicy -cactable-entry)# exit |
Exits the CAC table entry configuration mode. |
Step 9 |
Router(config-sbc-sbe-cacpolicy)# complete |
Marks the end of a CAC policy set definition. |
Step 10 |
Router(config-sbc-sbe-cacpolicy)# exit |
Exits the CAC policy configuration mode. |
Step 11 |
Router(config-sbc-sbe)#
active-cac-policy-set policy-set-id
|
Sets the active CAC policy set within the SBE. |
The following example shows how to define a call admission control policy for the SBE:
Router(config-sbc-sbe)# cac-policy-set 1
Router(config-sbc-sbe-cacpolicy)# first-cac-table BW
Router(config-sbc-sbe-cacpolicy)# cac-table BW
Router(config-sbc-sbe-cacpolicy-cactable)# table-type policy set
Router(config-sbc-sbe-cacpolicy-cactable)# entry 1
Router(config-sbc-sbe-cacpolicy-cactable-entry)# media bandwidth-fields ignore
Router(config-sbc-sbe-cacpolicy-cactable-entry)# action cac-complete
Router(config-sbc-sbe-cacpolicy-cactable-entry)# exit
Router(config-sbc-sbe-cacpolicy)# complete
Router(config-sbc-sbe-cacpolicy)# exit
Router(config-sbc-sbe)# active-cac-policy-set 1
Configuring Call Policies
Create a call policy set to contain the incoming and outgoing route tables. The route tables provide a mapping of each incoming and outgoing call to its corresponding adjacency.
Entries in the SBC route table must match the corresponding entries in the Cisco TelePresence Exchange System routing tables. The carrier ID that you insert on an incoming route (or use as the match parameter on an outgoing route) needs to match the SBC Tag field in the Cisco TelePresence Exchange System. See the "Configuring Routes" section on page 12-1 for information about configuring routes on the Cisco TelePresence Exchange System.
Procedure
To create a call policy set and configure the route tables, do the following procedure:
The following example shows how to create a call policy for the SBE and match it to an adjacency:
Router(config-sbc-sbe)# call-policy-set 1
Router(config-sbc-sbe-rtgpolicy)# first-call-routing-table INCOMING
Router(config-sbc-sbe-rtgpolicy)# rtg-src-adjacency-table INCOMING
Router(config-sbc-sbe-rtgpolicy-rtgtable)# entry 1
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# action complete
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# edit-cic replace 200
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# dst-adjacency SBC-ACE
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# match-adjacency WMT-ADJ1
Router(config-sbc-sbe-rtgpolicy-rtgtable)# entry 2
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# action complete
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# edit-cic replace 400
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# dst-adjacency SBC-ACE
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# match-adjacency SBC-UNCM
Router(config-sbc-sbe-rtgpolicy-rtgtable)# entry 3
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# action next-table CIC-OUTGOING
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# match-adjacency SBC-ACE
Router(config-sbc-sbe-rtgpolicy-rtgtable)# entry 4
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# action next-table CIC-OUTGOING
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# match-adjacency SBC-Engine1
Router(config-sbc-sbe-rtgpolicy-rtgtable)# entry 5
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# action next-table CIC-OUTGOING
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# match-adjacency SBC-Engine2
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# exit
Router(config-sbc-sbe-rtgpolicy)# rtg-carrier-id-table OUTGOING
Router(config-sbc-sbe-rtgpolicy-rtgtable)# entry 1
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# action complete
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# edit-cic replace 0
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# dst-adjacency WMT-ADJ1
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# match-cic 200
Router(config-sbc-sbe-rtgpolicy-rtgtable)# entry 2
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# action complete
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# edit-cic replace 0
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# dst-adjacency SBC-UNCM
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# match-cic 200
Router(config-sbc-sbe-rtgpolicy-rtgtable-entry)# exit
Router(config-sbc-sbe-rtgpolicy-rtgtable)# exit
Router(config-sbc-sbe-rtgpolicy)# complete
Router(config-sbc-sbe-rtgpolicy)# exit
Router(config-sbc-sbe)# active-call-policy-set 1
Configuring SIP Timers
Procedure
To define a SIP timer for call processing within the SBE, do the following procedure:
The following example shows how to set a SIP timer for the SBE:
Router(config-sbc-sbe)# sip timer
Router(config-sbc-sbe-sip-tmr)# tcp-idle-timeout 120000
Router(config-sbc-sbe-sip-tmr)# tcp-connect-timeout 5000
Router(config-sbc-sbe-sip-tmr)# exit
Note The values shown in the previous example are the recommended values for the Cisco TelePresence Exchange System configuration.
Defining Blacklists
Procedure
To define a global blacklist for the SBE, do the following procedure:
The follow example shows how to set a global blacklist for the SBE:
Router(config-sbc-sbe)# blacklist global
Router(config-sbc-sbe-blacklist-global)# reason authentication-failure
Router(config-sbc-sbe-blacklist-global-reason)# timeout 1 milliseconds
Router(config-sbc-sbe-blacklist-global)# reason bad-address
Router(config-sbc-sbe-blacklist-global-reason)# timeout 1 milliseconds
Router(config-sbc-sbe-blacklist-global)# reason routing-failure
Router(config-sbc-sbe-blacklist-global-reason)# timeout 1 milliseconds
Router(config-sbc-sbe-blacklist-global)# reason endpoint-registration
Router(config-sbc-sbe-blacklist-global-reason)# timeout 1 milliseconds
Router(config-sbc-sbe-blacklist-global)# reason policy-rejection
Router(config-sbc-sbe-blacklist-global-reason)# timeout 1 milliseconds
Router(config-sbc-sbe-blacklist-global)# reason corrupt-message
Router(config-sbc-sbe-blacklist-global-reason)# timeout 1 milliseconds
Router(config-sbc-sbe-blacklist-global-reason)# exit
Router(config-sbc-sbe)# blacklist global address-default
Router(config-sbc-sbe-blacklist-global)# reason authentication-failure
Router(config-sbc-sbe-blacklist-global-reason)# timeout 1 milliseconds
Router(config-sbc-sbe-blacklist-global)# reason bad-address
Router(config-sbc-sbe-blacklist-global-reason)# timeout 1 milliseconds
Router(config-sbc-sbe-blacklist-global)# reason routing-failure
Router(config-sbc-sbe-blacklist-global-reason)# timeout 1 milliseconds
Router(config-sbc-sbe-blacklist-global)# reason endpoint-registration
Router(config-sbc-sbe-blacklist-global-reason)# timeout 1 milliseconds
Router(config-sbc-sbe-blacklist-global)# reason policy-rejection
Router(config-sbc-sbe-blacklist-global-reason)# timeout 1 milliseconds
Router(config-sbc-sbe-blacklist-global)# reason corrupt-message
Router(config-sbc-sbe-blacklist-global-reason)# timeout 1 milliseconds
Router(config-sbc-sbe-blacklist-global-reason)# exit
Router(config-sbc-sbe-blacklist-global)# exit
Router(config-sbc-sbe)#
Defining a Media Address
Configure a local media address for traffic that arrives on the SBE for each defined SBC virtual IP address (see the "Creating a Session Border Controller Interface" section). The SBC inserts its own address into the media stream.
After you configure a local media address, the media address cannot be modified while the SBE service is active.
The media address is a pool of IP addresses on the SBE for media relay functionality.
Procedure
To define a media address, do the following procedure:
The following example shows how to define a local media address for each defined SBC virtual IP address:
Router(config-sbc)# media-address ipv4 10.22.141.102
Router(config-sbc-media-address)# port-range 16384 32766 any
Router(config-sbc-dbe)# media timeout 600
Router(config-sbc-dbe)# activate