In this section:

Use this example configuration to configure your SLB-SBC setup on VMware/KVM.

Note

Use the same configuration on all SBCs that communicate to a particular SLB.

Procedure

License Requirements

The following licenses are required to perform this procedure:

  • LB-INSTANCE on SLB (on/off)
  • SBC-LB on SBC (count based) 
Configure SLB on VMware/KVM HFE2.1
set system admin SLBHA accountManagement maxSessions 5 sessionIdleTimeout idleTimeout 120
commit 

set addressContext default ipInterfaceGroup LIG1 ipInterface LIF1 portName pkt0 ipAddress 10.34.226.115 vlanTag 626 prefix 24 altIpAddress fd00:10:6b50:4d30::20 altPrefix 60 state enabled mode inService
commit
set addressContext default ipInterfaceGroup LIG2 ipInterface LIF2 portName pkt1 ipAddress 10.34.228.115 vlanTag 628 prefix 24 altIpAddress fd00:10:6b50:4d40::20 altPrefix 60 state enabled mode inService
commit
set addressContext default ipInterfaceGroup LIG3 ipInterface LIF3 portName pkt0 ipAddress 10.34.222.104 vlanTag 622 prefix 24 altIpAddress fd00:10:6b50:5df0::2a altPrefix 60 state enabled mode inService
commit

set addressContext default staticRoute 0.0.0.0 0 10.34.226.1 LIG1 LIF1 preference 100
commit
set addressContext default staticRoute 0.0.0.0 0 10.34.228.1 LIG2 LIF2 preference 100
commit
set addressContext default staticRoute 0.0.0.0 0 10.34.227.1 LIG3 LIF3 preference 100
commit


set addressContext default zone ZONE_IAD id 2
commit
set addressContext default zone ZONE_IAD id 2 sipSigPort 2 ipInterfaceGroupName LIG1 ipAddressV4 10.34.226.115 ipAddressV6 fd00:10:6b50:4d30::20 portNumber 5060 state enabled transportProtocolsAllowed sip-udp,sip-tcp,sip-tls-tcp
commit

 

set addressContext default zone ZONE_AS id 3 
commit 

set addressContext default zone ZONE_AS id 3 sipSigPort 3 ipInterfaceGroupName LIG2 ipAddressV4 10.34.228.115 ipAddressV6 fd00:10:6b50:4d40::20 portNumber 5060 state enabled transportProtocolsAllowed sip-udp,sip-tcp,sip-tls-tcp
commit

set system slb commInterface addressContext default ipInterfaceGroup LIG3 pktIpAddress 10.34.223.20 
commit

Configure ACLs on SLB


Note

The Bucket Size value is insignificant if the Fill Rate value is unlimited.

  • The Fill Rate is the maximum rate you expect for the traffic to pass the policer.
  • The Bucket Size is the number of additional packets allowed to pass in a given period if available packets are in the bucket. The credit balance is consumed before the packets are discarded.

If the ACL rules with action = discard, the Fill Rate and the Bucket Size values are irrelevant, and the packets are dropped based on the Type, IP address, or Port.

The Fill Rate and the Bucket Size parameters do not play any role since the policer portion of an ACL is only applicable for the "accept" action and is ignored with the "discard" action since all the packets are already discarded by the criteria.

# Configuration of ipAccessControlList :

set addressContext default ipAccessControlList rule 1 state enabled fillRate unlimited bucketSize unlimited destIpAddress 10.52.36.152 precedence 1 destIpAddressPrefixLength 32
commit

set addressContext default ipAccessControlList rule 2 state enabled fillRate unlimited bucketSize unlimited destIpAddress 10.52.38.152 precedence 2 destIpAddressPrefixLength 32
commit

set addressContext default ipAccessControlList rule 3 state enabled fillRate unlimited bucketSize unlimited destIpAddress 10.34.222.104 precedence 3 destIpAddressPrefixLength 32
commit

set addressContext default operatorAggregatePolicer bucketSize unlimited fillRate unlimited
commit

ACCESS Support Configuration in SLB

Access support configuration is not needed for PEERING CALL.

# Here ZONE_IAD is INGRESS and ZONE_AS is EGRESS zone:

set addressContext default zone ZONE55555_IAD remoteDeviceType accessDevice
commit

set addressContext default zone ZONE55555_AS remoteDeviceType appServer
commit

SLB-specific Configuration in SBC/OAM

Note

Apart from the following configuration, you must configure whatever configuration is required for a basic call on the SBC/OAM.  For example, TrunkGroup, static routes, and so on.


# Configuration to enable SLB in SBC :

set system slb usage enable
commit


# Configuration of common interface which is to be used for SBC-SLB communication :

set system slb commInterface addressContext default ipInterfaceGroup LIG3 pktIpAddress 10.34.223.20  
commit


# Configuration of SLB IP Address which is to be used for SBC-SLB communication :

set system slb slbAddress SLBATP ipAddress 10.34.222.104
commit


# Configuration to enable SLB Name in sipSigPort of SBC :

Note : sipSigPort IDs of SBC and SLB should be same . Here sipSigport IDs are 2 ,3 for INGRESS & EGRESS respectively. Same IDs were used in SLB sipSigPort as well

set addressContext default zone ZONE55555_IAD id 2 sipSigPort 2 slbName SLBATP
commit

set addressContext default zone ZONE55555_AS id 3 sipSigPort 3 slbName SLBATP
commit


# Command in OAM to push configuration to SBCs  : ( Only for OAM enabled SBCs)

request system admin vsbcSystem saveAndActivate