This document outlines the configuration best practices for the Ribbon QSBC when deployed in Access Network with End Points and BroadSoft with both Hosted and Premise mode.
Ribbon QSBC is a network element deployed to protect SIP based Voice over Internet Protocol (VoIP) networks. Early deployments of SBCs were focused on the borders between two service provider networks in a peering environment. This role has now expanded to include significant deployments between a service provider's access network and a backbone network to provide service to residential and/or enterprise customers.
BroadSoft is a platform for Unified Communications as a Service.
It is not the goal of this guide to provide detailed configurations that will meet the requirements of every customer. Use this guide as a starting point and build the QSBC and BroadSoft configurations in consultation with network design and deployment engineers.
This is a technical document intended for telecommunications engineers with the purpose of configuring Ribbon QSBCs in Access Deployment with BroadSoft. Steps will require navigating the Product Guide as well as the Operations Guide. Understanding the basic concepts of TCP/UDP, IP/Routing, and SIP/RTP is needed to complete the configuration and any necessary troubleshooting.
This configuration guide is offered as a convenience to Ribbon customers. The specifications and information regarding the product in this guide are subject to change without notice. All statements, information, and recommendations in this guide are believed to be accurate but are presented without warranty of any kind, express or implied, and are provided “AS IS”. Users must take full responsibility for the application of the specifications and information in this guide.
The sample configuration in this document uses the following equipment and software:
Vendor | Equipment | Software Version |
---|---|---|
POLYCOM | IP Phones | 5.5 |
Ribbon Communications | Ribbon QSBC | V9.4.0 |
BroadSoft | BroadSoft Network Server | Rel_22.0_1.1123 |
BroadSoft Application Server & MS | Rel_22.0_1.1123 |
This section covers the QSBC deployment topology and the Interoperability Test Lab Topology.
The following lab topology diagram shows connectivity between Broadsoft and Ribbon QSBC.
SSH login to the QSBC | |
---|---|
Ip | 10.x.x.x |
Port | 5060 |
Username | root |
Password | xxxxxxx |
1. Create Vnet for both the realms.
cli vnet add v1 cli vnet edit v1 ifname eth2 primary-gateway x.x.x.x cli vnet add v2 cli vnet edit v2 ifname eth3 primary-gateway y.y.y.y
Replace "x.x.x.x" with the SBC's Ethernet interface (eth) Gateway IP address (example eth2 IP) and "y.y.y.y" with the SBC's Ethernet interface (eth) Gateway IP address (example eth3 IP).
2. Create the realm and associate it to the Vnet created above.
cli realm add ACCESS cli realm edit ACCESS vnet v1 rsa x.x.x.x mask y.y.y.y emr alwayson imr alwayson medpool 1 cli realm add CORE cli realm edit CORE vnet v2 rsa c.c.c.c mask y.y.y.y emr alwayson imr alwayson medpool 2
Replace "x.x.x.x" with the SBC's Ethernet interface (eth) IP address (example eth2 IP), and "y.y.y.y" with its netmask.
Provide mediapool id configured in mdevices.xml (example medpool 1).
Replace "c.c.c.c" with the SBC's Ethernet interface (eth) IP address (example eth3 IP), and "y.y.y.y" with its netmask.
Provide mediapool id configured in mdevices.xml (example medpool 2).
3. Create the endpoints.
The endpoints can be created dynamically or statically.
The endpoint in QSBC for the real phones are created dynamically, hence the following configuration should be done.
nxconfig.pl -e obp -v 1 nxconfig.pl -e allow-dynamicendpoints -v 1
The Broadsoft Application server and Network server will be added as static endpoints. The static endpoints can be created as follows.
cli iedge add proxy1 1 cli iedge edit proxy1 1 realm CORE type sipproxy sip enable static x.x.x.x contact x.x.x.x:p cli iedge add proxy2 1 cli iedge edit proxy2 1 realm CORE type sipproxy sip enable static y.y.y.y contact y.y.y.y:p
Replace "x.x.x.x" with Broadsoft Network server ip and p with port. Replace "y.y.y.y" with BroadSoft Application server Ip and "p" with port info.
We can have two different "p" for the same endpoint if using two different port values.
4. Add calling plan and calling route with QSBC peer to peer mode (will not be needed for hosted scenario).
cli cp add cp1 cli cr add cr1 cli cr edit cr1 dest 240720 prefix 240720 calltype dest cli cp add cp1 cr1
1. Clear the DNS cache.
systemctl restart named nxconfig.pl -e dnscacheinterval 0
2. Configure QSBC For SRV Query only at endpoint level.
cli iedge edit proxy2 <uport> locatingsipserver SRV cli iedge edit proxy1 <uport> locatingsipserver SRV
Where proxy2 is Broadsoft Application server endpoint name and proxy1 is Network server endpoint name with <uport> as 1.
3. Create a zone file to resolve the Ip's of Broadsoft Application server and Broadsoft Network server.
Example for DNS zone file with SRV record:
$TTL 3600 @ IN SOA InDns06.broadsoft.com. root.broadsoft.com. ( 2019080909 ; Serial number (yyyymmdd-num) 8H ; Refresh 2M ; Retry 4W ; Expire 1D ) ; Minimum IN NS InDns06 as.ipv4 A 0.0.0.0 as.ipv6 AAAA 0::0 InDns06 A t.t.t.t ns1 A z.z.z.z broadsoft.com IN A x.x.x.x broadsoft.com IN A y.y.y.y ;;as A x.x.x.x ;;@ IN 60 NS broadsoft.com. ;; IN A x.x.x.x _sip._udp.ns1 86400 IN SRV 0 0 5060 ns1 _sip._udp.broadsoft.com. 86400 IN SRV 0 0 5060 broadsoft.com ~ ~
Replace "x.x.x.x" with Broadsoft Primary Application server Ip and "y.y.y.y" with Broadsoft Secondary Application server IP.
Replace "t.t.t.t" with your DNS IP and "z.z.z.z" with Broadsoft Network server IP.
Replace broadsoft.com with domain name of Broadsoft Application server, and replace ns1 with Broadsoft Network server domain name.
License Upload
If issues occur during the license upload, manually copy the license file "iserverlc.xml" to /usr/local/nextone/bin/ location in QSBC, and restart it using "ist;iss".
SBCs must direct SIP requests to the BroadWorks Network Server to determine the hosting Application Server for the user. The Network Server responds to the SBC’s request with a 302 Redirect, and the 302 supplies the Application Server address, hence SBC will send the request to the Application server.
All requests inbound to the SBC from BroadWorks will originate from the Application Server, so the SBC must be configured to accept requests from Application Server address.
The following are the configurations to work in a hosted setup environment, where the initial signal goes to Network Server and then to AS.
1. Create an IEdge group for the Redirect Server using the following command.
cli igrp add <iedge group name>
With this command, you are adding one IEdge group on your SBC.
<iedge group name> is the name you want to assign to the group you are creating.
2. Assign the Redirect Server endpoint to the IEdge group you just created using the following command.
cli iedge edit proxy1 <uport> igrp <iedge group name>
where: proxy1 <uport> identifies the Redirect Server endpoint and <iedge group name> identifies the IEdge group you just created for it.
3. For the Application Server endpoint pointed to by the Request-URI in incoming messages, set the netserver_group option to the IEdge group for the Redirect Server using the following command
cli iedge edit proxy2 <uport> netserver_group <iedge group name>
where: proxy2 <uport> identifies the Application Server endpoint and <iedge group name> is the IEdge group for the Redirect Server to which the incoming.
QSBC - BroadSoft Premise Scenario Configuration
The SBC sends SIP requests directly to the BroadWorks Application Server. All requests inbound to the SBC from BroadWorks originate from the Application Server, so the SBC must be configured to accept requests from Application Server address.
For Premise setup, disable the netserver_group configuration on AS endpoint using the following command:
cli iedge edit <regid> <uport> netserver_group none
Refer to Section C for advanced scenario configuration.
Follow the sequence below to configure BroadSoft.
Enter the credentials and click login.
From the Broadsoft home page:
Click on Assign Services to assign or un-assign services and service packs for a user. If a service or service pack is unassigned the service data that has been filled out will be lost.
Use this page to display the service packs and individual services available to be assigned to a user.
Using this page, you can also:
Assign service packs to a user
Un-assign service packs from a user
Ensure all the required services like Authentication and supplementary services like Call Forwarding, Call Transfer, Call Waiting, etc. are assigned to the user.
Navigate to Profile > Users > Utilities and select Authentication.
Use this screen to change the user's authentication password. This password is used to authenticate an IP phone, which allows calls to be made over Internet Protocol (IP) based networks.
The authentication password and username can be different from the system password and user ID that are used at initial system login. While you can choose to use the same name and password for authentication and initial login, they allow access to different services. The password restrictions may differ.
As required, enable or disable the services to handle the incoming calls by navigating to Profile > Users > Incoming Calls.
This page displays menu items used to handle incoming calls. You can activate or deactivate some services by turning them on or off on the page for the service. To access these pages, click on the link for that service.
Ensure QSBC SipSg IP (configured towards Broadsoft) is allowed in the Network server in order to receive 3xx Redirect response with multiple AS FQDNs in Contact header. Open the browser and enter Broadsoft Network Server IP.
Provide the admin username and password, and click Login.
Navigate to Network > Routing NEs, and click Add.
This page allows the user to add routing network elements (NEs). Once added, the routing NE appears on the Routing NEs page.
A routing NE is a network element that provides connectivity to remote networks, for example, the PSTN. A routing NE is a system provider-owned device. It can either be a network gateway or a proxy server used to "front" network gateways.
Navigate to Network > Routing NE Addrs, and click Add.
From this screen, add routing network element (NE) addresses. Once added, the routing NE address displays on the Routing NE Addrs screen.
Execute the following commands to relay SUBSCRIBE messages with Auth header.
cli realm edit <ACCESS REALM> sipauth sub cli realm edit <CORE REALM> sipauth sub
Execute the following commands so that QSBC goes for a SRV query.
cli iedge edit <regid of NS of BSFT> <uport> locatingsipserver SRV cli iedge edit <regid of AS of BSFT> <uport> locatingsipserver SRV
Take TCP dump to capture DNS query on QSBC.
tcpdump -i any -w "filename.pcap"
Execute the following commands to relay REFER messages with Auth header.
cli realm edit <ACCESS REALM> sipauth refer cli realm edit <CORE REALM> sipauth refer
Execute the following command to disable the session expires timer.
nxconfig.pl -e sessiontimersupport -v 0
Execute the following command to change the session expires timer and min-sec timer.
nxconfig.pl -e sipsess -v <time in sec> nxconfig.pl -e sipminse -v <time in sec>
For Network Conference, add the FMM to have FQDN instead of IP in "REFER-TO" header of out going (towards BSFT) REFER message.
File fmmConfiguration.fmm has the following FMM:
cli fmm trigger add check-invite-response-t sip-header cli fmm trigger edit check-invite-response-t method is("INVITE") cli fmm trigger edit check-invite-response-t msg.type is("response") cli fmm trigger edit check-invite-response-t header.name is("Contact") cli fmm action add check-invite-response-a modify cli fmm action edit check-invite-response-a check-invite-response-t.uri.hostport "172.20.3.17" cli fmm rule add check-invite-response-r cli fmm rule edit check-invite-response-r condition check-invite-response-t cli fmm rule edit check-invite-response-r actions check-invite-response-a cli fmm profile add check-invite-response-p cli fmm profile edit check-invite-response-p rules check-invite-response-r
Copy the file “fmmConfiguration.fmm” on Q-SBC let say at /usr/local/nextone/fmm/ fmmConfiguration.fmm
Run the following commands:
cli fmm import fmmConfiguration.fmm cli realm edit <egress_realm_name> fmm-egress-profile modify_Refer-To-p
Execute the following commands to modify the expires header and min sec header.
nxconfig.pl -e obpxfactor -v <sec> nxconfig.pl -e age-timeout -v <sec> nxconfig.pl -e sipminse -v <sec>
Execute the following command to change the port.
cli iedge edit <regid> <uport> contact <URI>:[<port>];
Execute the following command to increase the size of sip message buffer.
nxconfig.pl -e sipmaxmsgsize -v <integer>
Sr. No. | Features/Services | Supported |
---|---|---|
1 | Basic Registration with Authentication | |
2 | Basic Registration with reg-key | |
3 | 3xx Response handling with maddr | |
4 | Basic calls | |
5 | CANCEL Scenario | |
6 | User Busy | |
7 | Session Audit | |
8 | Session Timers | |
9 | Music on Hold | |
10 | Remote Ringback | |
11 | Local Ringback followed by Remote Ringback | |
12 | Call Forward | |
13 | Voice Portal | |
14 | Anonymous call: Trusted and Non-trusted endpoint | |
15 | Calling Name with Unicode Characters | |
16 | DIVERSION Header: Single and Multiple Redirects | |
17 | HISTORY-INFO | |
18 | Blind Transfer | |
19 | Attended Transfer | |
20 | Local Conference | |
21 | Network Conference | |
22 | Line-seize | |
23 | BLF | |
24 | Call Waiting | |
25 | DNS SRV query | |
26 | Video call |
Legend
Supported | |
Not supported |
This detailed reference configuration guide describes the configuration steps for the Ribbon QSBC in Access deployment with Broadsoft Application Server in Hosted and Premise mode.