Use this sample configuration to configure your SBC SWe on AWS for SLB.
Use the same configuration on all SBCs which communicate to a particular SLB.
Steps:
Configure SLB for HFE HA
set addressContext default ipInterfaceGroup LIG1 ipInterface LIF1 ceName vsbcSystem portName pkt0 ipVarV4 IF2.IPV4 ipPublicVarV4 HFE_IF2.FIPV4 prefixVarV4 IF2.PrefixV4 commit set addressContext default ipInterfaceGroup LIG1 ipInterface LIF1 mode inService state enable commit set addressContext default ipInterfaceGroup LIG2 ipInterface LIF2 ceName vsbcSystem portName pkt1 ipVarV4 IF3.IPV4 prefixVarV4 IF3.PrefixV4 commit set addressContext default ipInterfaceGroup LIG2 ipInterface LIF2 altIpVars ALT_Pkt1_01.IP commit set addressContext default ipInterfaceGroup LIG2 ipInterface LIF2 mode inService state enable commit set addressContext default zone ZONE_IAD id 2 commit set addressContext default zone ZONE_IAD id 2 sipSigPort 2 ipInterfaceGroupName LIG1 ipVarV4 IF2.IPV4 ipPublicVarV4 HFE_IF2.FIPV4 portNumber 5060 state enabled mode inService transportProtocolsAllowed sip-tls-tcp,sip-tcp,sip-udp commit set addressContext default zone ZONE_AS id 3 commit set addressContext default zone ZONE_AS id 3 sipSigPort 3 ipInterfaceGroupName LIG2 ipVarV4 IF3.IPV4 portNumber 5060 state enabled mode inService transportProtocolsAllowed sip-udp,sip-tcp,sip-tls-tcp commit set system slb commInterface addressContext default ipInterfaceGroup LIG2 pktIpVar ALT_Pkt1_01.IP commit ############################Below Routes For AWS######################################## set addressContext default staticRoute 0.0.0.0 0 10.10.66.1 LIG1 LIF1 preference 100 set addressContext default staticRoute 0.0.0.0 0 10.10.4.1 LIG2 LIF2 preference 100 #########################################################################################
Configure ACLs on SLB
The Bucket Size value is insignificant if the Fill Rate value is unlimited. If the ACL rules with action = discard, the Fill Rate and the Bucket Size values are irrelevant, and the packets are dropped based on the Type, IP address, or Port. The Fill Rate and the Bucket Size parameters do not play any role since the policer portion of an ACL is only applicable for the "accept" action and is ignored with the "discard" action since all the packets are already discarded by the criteria.
HFE_IF2.FIPV4 23.20.208.198 IF3.IPV4 172.31.13.168 ALT_Pkt1_01.IP 172.31.13.170 set addressContext default ipAccessControlList rule 1 state enabled fillRate unlimited bucketSize unlimited protocol udp destIpAddress 172.31.13.168 precedence 1 destIpAddressPrefixLength 32 commit set addressContext default ipAccessControlList rule 2 state enabled fillRate unlimited bucketSize unlimited protocol udp destIpAddress 23.20.208.198 precedence 3 destIpAddressPrefixLength 32 commit set addressContext default ipAccessControlList rule 3 state enabled fillRate unlimited bucketSize unlimited protocol tcp destIpAddress 172.31.13.170 precedence 2 destIpAddressPrefixLength 32 commit
admin@slbvsbc1-172.31.11.248% show addressContext default ipInterfaceGroup ipInterfaceGroup LIG1 { ipInterface LIF1 { ceName vsbcSystem; portName pkt0; mode inService; state enabled; ipVarV4 IF2.IPV4; prefixVarV4 IF2.PrefixV4; ipPublicVarV4 HFE_IF2.FIPV4; } } ipInterfaceGroup LIG2 { ipInterface LIF2 { ceName vsbcSystem; portName pkt1; mode inService; state enabled; ipVarV4 IF3.IPV4; prefixVarV4 IF3.PrefixV4; altIpVars ALT_Pkt1_01.IP; } } [ok][2020-06-19 06:14:22] [edit] admin@slbvsbc1-172.31.11.248% show addressContext default zone ZONE_IAD sipSigPort sipSigPort 2 { ipInterfaceGroupName LIG1; portNumber 5060; mode inService; state enabled; transportProtocolsAllowed sip-udp,sip-tcp,sip-tls-tcp; ipVarV4 IF2.IPV4; ipPublicVarV4 HFE_IF2.FIPV4; } [ok][2020-06-19 06:15:55] [edit] admin@slbvsbc1-172.31.11.248% show addressContext default zone ZONE_AS sipSigPort sipSigPort 3 { ipInterfaceGroupName LIG2; portNumber 5060; mode inService; state enabled; transportProtocolsAllowed sip-udp,sip-tcp,sip-tls-tcp; ipVarV4 IF3.IPV4; } [ok][2020-06-19 06:16:02] [edit] admin@slbvsbc1-172.31.11.248% show addressContext default staticRoute staticRoute 0.0.0.0 0 172.31.13.1 LIG2 LIF2 { preference 100; } staticRoute 0.0.0.0 0 172.31.18.1 LIG1 LIF1 { preference 100; } [ok][2020-06-19 06:22:01] [edit] admin@slbvsbc1-172.31.11.248% admin@slbvsbc1-172.31.11.248% show system slb commInterface { addressContext default; ipInterfaceGroup LIG2; pktIpVar ALT_Pkt1_01.IP; } [ok][2020-06-19 06:17:51] [edit] admin@slbvsbc1-172.31.11.248> show table system slb sipClientCurrentStatistics OOD VNF MSGS INVITES REQUESTS ID ID SENT SENT SENT ----------------------------------- 2 none 0 0 0 [ok][2020-06-19 06:20:10] admin@slbvsbc1-172.31.11.248> show table system slb sipClientStatus VNF COMM CONNECTION ID ID STATE ADDRESS STATE ------------------------------------------- 2 none active 172.31.16.4 up [ok][2020-06-19 06:20:22] admin@slbvsbc1-172.31.11.248> show table system slb sipClientStatistics OOD VNF INVITE REQ ID ID COUNT COUNT ------------------------- 2 none 8 0 [ok][2020-06-19 06:20:35] admin@slbvsbc1-172.31.11.248> show table system slb sipClientIntervalStatistics OOD INTERVAL VNF MSGS INVITES REQUESTS NUMBER ID VALID TIME ID SENT SENT SENT ------------------------------------------------------------ 23 2 true 20106 none 0 0 0 24 2 true 21006 none 0 0 0 25 2 true 21906 none 0 0 0 26 2 true 22806 none 0 0 0 [ok][2020-06-19 06:20:56] admin@slbvsbc1-172.31.11.248> show table system slb inviteReqTimeout inviteReqTimeout 90; [ok][2020-06-19 06:21:13] admin@slbvsbc1-172.31.11.248> show table system slb nonInviteReqTimeout nonInviteReqTimeout 32; [ok][2020-06-19 06:21:19] admin@slbvsbc1-172.31.11.248>
Configure SBC SWe for SLB
set system slb usage enabled com set addressContext default ipInterfaceGroup LIG1 ipInterface LIF1 portName pkt0 ipVarV4 IF2.IPV4 prefixVarV4 IF2.PrefixV4 ipPublicVarV4 HFE_IF2.FIPV4 state enabled mode inService commit set addressContext default ipInterfaceGroup LIF2 ipInterface LIG2 portName pkt1 ipVarV4 IF3.IPV4 prefixVarV4 IF3.PrefixV4 state enabled mode inService commit set addressContext default zone ZONE_IAD id 2 commit set addressContext default zone ZONE_IAD sipSigPort 2 commit set addressContext default zone ZONE_AS id 3 commit set addressContext default zone ZONE_AS sipSigPort 3 commit set addressContext default zone ZONE_IAD sipTrunkGroup SIP_INGRESS_TG mode inService state enabled media mediaIpInterfaceGroupName LIG1 commit set addressContext default zone ZONE_IAD sipTrunkGroup SIP_INGRESS_TG ingressIpPrefix 15.236.100.145 32 commit set addressContext default zone ZONE_AS sipTrunkGroup SIP_EGRESS_TG mode inService state enabled media mediaIpInterfaceGroupName LIG2 commit set addressContext default zone ZONE_AS ipPeer EGRESS_PEER ipAddress 10.10.4.11 ipPort 4020 commit set global callRouting routingLabel CLOUD routingLabelRoute 0 ipPeer EGRESS_PEER trunkGroup SIP_EGRESS_TG inService inService commit set global callRouting route trunkGroup SIP_INGRESS_TG VSBCSYSTEM standard 888 1 all all ALL none Sonus_NULL routingLabel CLOUD commit set addressContext default zone ZONE_IAD sipTrunkGroup SIP_INGRESS_TG signaling timers sessionKeepalive 0 commit set addressContext default zone ZONE_AS sipTrunkGroup SIP_EGRESS_TG signaling timers sessionKeepalive 0 commit set system media mediaPeerInactivity inactivityTimeout 20 commit set system slb usage enabled set system slb slbAddress SLBATP ipAddress <SLB_IP_comminterfaceIP> com set addressContext default zone ZONE_IAD id 2 sipSigPort 2 slbName SLBATP set addressContext default zone ZONE_AS id 3 sipSigPort 3 slbName SLBATP co set system slb commInterface addressContext default ipInterfaceGroup LIG1 pktIpVar IF2.IPV4 co
admin@vsbc1-172.31.11.128% show addressContext default ipInterfaceGroup ipInterfaceGroup LIG2 { ipInterface LIF2 { portName pkt1; mode inService; state enabled; ipVarV4 IF3.IPV4; prefixVarV4 IF3.PrefixV4; } } ipInterfaceGroup LIG1 { ipInterface LIF1 { portName pkt0; mode inService; state enabled; ipVarV4 IF2.IPV4; prefixVarV4 IF2.PrefixV4; ipPublicVarV4 HFE_IF2.FIPV4; } } [ok][2020-06-19 06:24:01] [edit] admin@vsbc1-172.31.11.128% admin@vsbc1-172.31.11.128% show addressContext default zone ZONE_IAD sipSigPort sipSigPort 2 { slbName sblaws; } [ok][2020-06-19 06:25:52] [edit] admin@vsbc1-172.31.11.128% show addressContext default zone ZONE_AS sipSigPort sipSigPort 3 { slbName sblaws; } [ok][2020-06-19 06:25:59] [edit] admin@vsbc1-172.31.11.128% admin@vsbc1-172.31.11.128% show addressContext default zone ZONE_IAD sipTrunkGroup SIP_INGRESS_TG state enabled; mode inService; policy { carrier 0000; country 1; localizationVariant northAmerica; tgIPVersionPreference both-ipv4-and-ipv6; preferredIdentity disable; digitParameterHandling { numberingPlan NANP_ACCESS; } callRouting { elementRoutingPriority DEFAULT_IP; } media { packetServiceProfile DEFAULT; } services { classOfService DEFAULT_IP; } signaling { ipSignalingProfile DEFAULT_SIP; } featureControlProfile DEFAULT_IP; ingress { flags { nonZeroVideoBandwidthBasedRoutingForSip enable; nonZeroVideoBandwidthBasedRoutingForH323 disable; hdPreferredRouting disable; hdSupportedRouting disable; } } } signaling { timers { sessionKeepalive 0; } } media { mediaIpInterfaceGroupName LIG1; mediaIpVar HFE_IF2.FIPV4; } ingressIpPrefix 15.236.100.145 32; ingressIpPrefix 18.209.206.44 32; ingressIpPrefix 54.86.55.82 32; [ok][2020-06-19 06:26:38] admin@vsbc1-172.31.11.128% show addressContext default zone ZONE_AS sipTrunkGroup SIP_EGRESS_TG state enabled; mode inService; policy { carrier 0000; country 1; localizationVariant northAmerica; tgIPVersionPreference both-ipv4-and-ipv6; preferredIdentity disable; digitParameterHandling { numberingPlan NANP_ACCESS; } callRouting { elementRoutingPriority DEFAULT_IP; } media { packetServiceProfile DEFAULT; } services { classOfService DEFAULT_IP; } signaling { ipSignalingProfile DEFAULT_SIP; } featureControlProfile DEFAULT_IP; ingress { flags { nonZeroVideoBandwidthBasedRoutingForSip enable; nonZeroVideoBandwidthBasedRoutingForH323 disable; hdPreferredRouting disable; hdSupportedRouting disable; } } } signaling { timers { sessionKeepalive 0; } } media { mediaIpInterfaceGroupName LIG2; } admin@vsbc1-172.31.11.128% show system slb usage enabled; slbAddress sblaws { ipAddress 172.31.13.195; } commInterface { addressContext default; ipInterfaceGroup LIG1; pktIpVar IF2.IPV4; } [ok][2020-06-19 06:27:58] [edit] admin@vsbc1-172.31.11.128%
Configure SLB on a Standalone SBC SWe
SLB configuration for Standalone: config set addressContext default ipInterfaceGroup LIG1 ipInterface LIF1 ceName vsbcSystem portName pkt0 ipVarV4 ALT_Pkt0_00.IP ipPublicVarV4 ALT_Pkt0_00.FIPV4 prefixVarV4 IF2.PrefixV4 commit set addressContext default ipInterfaceGroup LIG1 ipInterface LIF1 mode inService state enable commit set addressContext default ipInterfaceGroup LIG2 ipInterface LIF2 ceName vsbcSystem portName pkt1 ipVarV4 IF3.IPV4 prefixVarV4 IF3.PrefixV4 commit set addressContext default ipInterfaceGroup LIG2 ipInterface LIF2 altIpVars ALT_Pkt1_00.IP commit set addressContext default ipInterfaceGroup LIG2 ipInterface LIF2 mode inService state enable commit set addressContext default zone ZONE_IAD id 2 commit set addressContext default zone ZONE_IAD id 2 sipSigPort 2 ipInterfaceGroupName LIG1 ipVarV4 ALT_Pkt0_00.IP ipPublicVarV4 ALT_Pkt0_00.FIPV4 portNumber 5060 state enabled mode inService transportProtocolsAllowed sip-tls-tcp,sip-tcp,sip-udp commit set addressContext default zone ZONE_AS id 3 commit set addressContext default zone ZONE_AS id 3 sipSigPort 3 ipInterfaceGroupName LIG2 ipVarV4 IF3.IPV4 portNumber 5060 state enabled mode inService transportProtocolsAllowed sip-udp,sip-tcp,sip-tls-tcp commit set system slb commInterface addressContext default ipInterfaceGroup LIG2 pktIpVar ALT_Pkt1_00.IP commit set addressContext default staticRoute 0.0.0.0 0 172.31.12.1 LIG1 LIF1 preference 100 commit set addressContext default staticRoute 0.0.0.0 0 172.31.13.1 LIG2 LIF2 preference 100 commit set addressContext default ipAccessControlList rule 1 state enabled fillRate unlimited bucketSize unlimited protocol udp destIpAddress 172.31.13.60 precedence 1 destIpAddressPrefixLength 32 commit set addressContext default ipAccessControlList rule 2 state enabled fillRate unlimited bucketSize unlimited protocol udp destIpAddress 54.210.205.166 precedence 3 destIpAddressPrefixLength 32 commit set addressContext default ipAccessControlList rule 3 state enabled fillRate unlimited bucketSize unlimited protocol udp destIpAddress 54.210.205.166 precedence 4 destIpAddressPrefixLength 32 commit set addressContext default ipAccessControlList rule 4 state enabled fillRate unlimited bucketSize unlimited protocol tcp destIpAddress 172.31.12.18 precedence 2 destIpAddressPrefixLength 32 commit