Overview

The Path Check Ping mechanism verifies peer-to-peer connectivity between the SBC and a target IP.

The SBC supports the following path check functionality using ICMP ping:

  • Use the ICMP to check if the remote entities are reachable. 
  • Generate and send the ping packets based on the configuration. 
  • Run up to 300 ping sessions simultaneously. 
  • Monitor the responses and validates if there is a failure due to specific conditions.

The SBC accepts the following SIP UA interface parameters:

  • Destination ping address for the session

  • Interface and the corresponding interface group that transmits the ping packets

  • Profile name that identifies the pathCheckProfile that is used with that session

  • Reporting address tag that identifies which SIP signaling peer is associated with the ping session

  • Zone ID that identifies the zone to which the signaling peer belongs

  • Address context containing the corresponding Interface Group

The source ping address is optional since the IP address associated with the interface can be used when not provided.

Note

Create User ACL for ICMP if supporting more than 50 sessions.

Note

Configure static routes to reach the target IP address from the interface through which the ICMP pings are generated.

Perform the following steps to configure path check path using ICMP ping:

Configuring the Static Route

To configure the static routes to reach the target IP from interface, execute the following command:

% set addressContext default staticRoute 10.54.80.155 32 10.54.114.1 LIF1 lif_eth2 preference 100 
 
% commit

Configuring the Path Check Path Profile

To configure the pathCheckProfile, execute the following command:

% set profiles services pathCheckProfile TP1 protocol icmp replyTimeout 5 sendInterval 10 failureResponseCodes all4xx recoveryCount 1 replyTimeoutCount 10 transportPreference preference1 tcp preference2 udp
 
% commit

Configuring Path Check Path Object

% set system pathCheckPath PATH1 sourceIpAddress 10.54.114.156 targetIpAddress 10.54.80.155 reportSignalIpAddress 10.54.80.156 reportSignalIpPort 3456 pathCheckProfile TP1 zone INTERNAL ipInterface lif_eth2 addressContext default ipInterfaceGroup LIF1 state enabled 
 
% commit

Creating User ACL for ICMP (Optional)

The user ACL for ICMP must be created if there are more than 50 sessions. To create the user ACL, execute the following command:


Note

The Bucket Size value is insignificant if the Fill Rate value is unlimited.

  • The Fill Rate is the maximum rate you expect for the traffic to pass the policer.
  • The Bucket Size is the number of additional packets allowed to pass in a given period if available packets are in the bucket. The credit balance is consumed before the packets are discarded.

If the ACL rules with action = discard, the Fill Rate and the Bucket Size values are irrelevant, and the packets are dropped based on the Type, IP address, or Port.

The Fill Rate and the Bucket Size parameters do not play any role since the policer portion of an ACL is only applicable for the "accept" action and is ignored with the "discard" action since all the packets are already discarded by the criteria.

For IPv4:

% set addressContext default ipAccessControlList rule Rule1 action accept protocol icmp fillRate 300 bucketSize 50 precedence 1 state enabled

% commit

For IPv6:

% set addressContext default ipAccessControlList rule Rule1 action accept protocol icmpv6 fillRate 300 bucketSize 50 precedence 1 state enabled

% commit

Viewing the ICMP Protocol

To view the ICMP protocol, enter the following command:

> show table addressContext default ipAccessControlList rule test 
precedence 1;
protocol icmp;
action accept;
fillRate 300;
bucketSize 50;
state enabled;
aggregatePolicer OPERATOR;
[ok]