SBC Core 07.02.04R004 Release Notes

V05.01.00F007

V07.01.00F003

V07.02.00R000

V07.02.01R003

V07.02.01R004

V07.02.01R007

V07.02.01R008

V06.01.00R007

V05.01.02F008

V06.02.01F007

V06.02.01F008

V06.02.01F009

V06.02.01F010

V06.02.01F012

V06.02.02R000

V06.02.02R001

V06.02.02F001

V06.02.02F002

V06.02.02F003

V06.02.02F004

V06.02.02F005

V06.02.02F006

V06.02.02F007

V06.02.02F008

V06.02.02F009

V06.02.02F010

V06.02.02F014

V06.02.03R000 

The SBC is converting two of the same rtpmaps into one line.

Impact: A duplicated media payload may cause a syntax error when the sdpSelectedAttribueRelay and transcodefree is sent to the other side.

Root Cause: A duplicated attribute line was merged into one line.

Steps to Replicate: Configure the sdpSelectedAttribeRelay and transcodefree. 

Platform/Feature: SBC

The SCMP coredumps occurred on the Server.

Impact: The SBC was reading off the end of a memory block while trying to copy the called and calling party host name.

Root Cause: The SBC code was copying the SIP hostname/username in the diameter code, but it was always copying a fixed number of characters regardless of the username size. This resulted in the SBC reading more memory than was allocated for the hostname.

If the memory block passed was right at the edge of process memory, then it is possible this might cause a memory exception and a coredump.

Steps to Replicate: A coredump analysis and code review.

Platform/Feature: SBC

The Bye URI Messages do not include the domain.

Impact: When the incoming INVITE contains a Contact header with a GR tag.

And the call flow is: SIP-SBC1 -- GW - GW - GSX- ISUP. The SBC includes an IP address in the reqURI of a BYE message and do not have FQDN present in the Contact of Ingress INVITE.

Root Cause: In a GW-GW scenario where the egress GW is GSX, the SBC sends IP address in ReqURI field of BYE message.

Steps to Replicate:

1. Reproduce the issue.
When the incoming INVITE contains a Contact header with a GR tag:

And call flow is: SIP-SBC1 -- GW - GW - GSX- ISUP, SBC includes an IP address in the reqURI of a BYE message and do not have FQDN ( present in Contact of Ingress INVITE )

2. Verify the issue.
After a fix, the SBC sends FQDN in BYE sent towards the Ingress endpoint.

Platform/Feature: SBC

Calls release cause 132 after a switchover.

Impact: The XRES uses the freed altMediaIpAddress unexpectedly in the standby XRM when the LIF is created.

Root Cause: When the standby XRM is notified with the LIF allocate request from NRS, it only receives the LIF's IP address. Any altMediaIpAddress will not be populated until the XRM has replied back to NRS. So when XRM is activating any XRES in the deferred activate list, the activation of XRES using altMediaIpAddress will be failed and freed.

Steps to Replicate: The SBC HA and SIPP call test setup:

1. Disable the keepAlive timer in the sipTrunkGroup.
2. Enable the debug INFO level logging.
3. Configure the altMediaIpAddress on LIF or LIFs if both ingress and egress legs have XRESs.
4. Configure the link detection on pkt port, threshold = 1 and enable it.
5. Make 5 basic SIP calls, call's mediaIpAddress = altMediaIpAddress, and call duration >= 20 mins.
6. Pull the cable from the pkt port, or ports if 2 pkt are interfaces involved, with link detection enabled.
7. Check the callCountStatus, wait for 5 min and plug in the cable on pkt port(s).
8. Check the callCountStatus again and wait for HA pair to finish syncing.
9. Perform a switchover again.

At step 6, the switchover triggered by link detection at step 7, 5 calls should be ACTIVE, check DBG log for following messages from XRM:

1. "XrmRedResAlloc: DEBUG! Context ID 0 XRES resId x on NIF y not allocated (on deferred list), LIF z not created"
2. "XrmNifMacAddrGet: Could not find LIF ifIndex z"
3. "XrmRedUdpAlloc: Context ID 0 Could not find UDP structure for LIF..."

At step 8, the calls should still be ACTIVE.
At step 9, the calls could be released during extensive audit, but not always.

Platform/Feature: SBC: CDR, Redundancy

The SBC7K core dumps again after the 6.2.1F010 update.

Impact: A rare race condition can cause the SamProcess to core with a Healthcheck failure when using the TLS.

Root Cause: The root cause of this issue is a rare race condition that allows one of the threads in the SamProcess to free memory, that is still being used by another thread in the same process.

Steps to Replicate: The steps cannot be reproduced.

Platform/Feature: SBC

The SBC services will not come up.

Impact: The standby fails to start and connect to the active, shutting down instead.

Root Cause: The address of the middleware checkpoint is lost and the checkpoint cannot be updated with the arrival of the new node, leading to it being shut back down.

Steps to Replicate: This is a one-off situation and can be easily reproduced.

Platform/Feature: SBC

The SBC IgnoreTransparency cannot be set on the EMA V6,7.2 and 8+.

Impact: The SBC IgnoreTransparency cannot be set on the EMA V6,7.2 and 8+.

Root Cause: There is no check whether the "not" is applied to complete expression or not.

Steps to Replicate:

1. Log into the EMA.
2. Navigate to
   All->profile->services->Transparency profile->SIP Header
3. Select the transparency profile.
4. Click on New Sip Header.
5. After that, the "Ignore Transparency " field will be visible.

Platform/Feature: SBC

Portfix SBX-95156: The SBC disconnects the call when it receives a 491.

Impact: A 491 received for a Re-Invite without an SDP was not being relayed to another Leg, even when the E2E Re-Invite and statusCode4xx6xx are enabled.

Root Cause: A 491 Relay logic is missing for the Re-Invite without SDP case.

Steps to Replicate:

1. Enable the E2E Re-Invite and the statusCode4xx6xx.
2. A 491 will be received for Re-Invite without a SDP sent.

Platform/Feature: SBC

Portfix SBX-95264: Calls stopped working after an upgrade to SBC5110 from V05.00.05F008 to V06.02.03F005.

Impact: In the X-dmi parameter, the "p=0.0.0.0" was changed to "p=" in 6.2.3F5 that was failing the parser.

Root Cause: The root trigger was the change in the IPUtilGetStr() since early 6.2 release checks the given ipAddr is a V4 or V6 address. In this case, the ipAddress was unspecified, so IPUtilGetStr() returns '\0'.

Steps to Replicate: The steps cannot be reproduced.

Platform/Feature: SBC

The 488 Response to the T38 Reinvite.

Impact: For a G.711-T.38 Fax call, if the SBC receives a G.711 reInvite with some change in SDP from ingress peer, then the SBC sends a G.711 reInvite to egress peer.

The customer expected the SBC to stay in a Fax call and not send any reInvite to the Egress peer.

Root Cause: For a G.711-T.38 Fax call, if the SBC receives a G.711 reInvite or any other reInvite that has some change in the SDP from ingress peer, then the SBC initiates offer-answer negotiation and sends G.711 or any relevant codec reInvite to egress peer. In this case, the SBC also initiates a transition from fax to voice.

Steps to Replicate: The steps cannot be replicated.

Platform/Feature: SBC

The code is modified so when the SBC detects a change in the SDP for a Fax call LEG, and if the codec active for that fax call LEG is G711 and there is no change in G711 LAW, then SBC stays in a Fax call and sends the 200OK with answer-SDP as per last offer-answer negotiation. Any change in DTMF, silence Suppress mode and any other SDP parameter is ignored.

Portfix SBX-96524: Getting the Pes Process coredump while running registrations.

Impact: Getting the Pes Process coredump while running registrations.

Root Cause: CallParamMatchName function is called with matchName which is of 15 byte array and strncpy is used to copy the string to the 50 byte array but with a wrong size of MATCH_NAME_SIZE which is defined as 30 byte*.*.

Passing bigger size than the actual destination string to strncpy is resulting in padding 0’s beyond the actual 15 bytes of the matchName. This was corrupting the stack and the stack pointer and causing a segmentation fault.

Steps to Replicate: The steps cannot be reproduced.

Platform/Feature: SBC

The SBC is not sending the RTCP to egress Peer for transcode only.

Impact: In the customer call flow:

With the Ingress Peer -(ISDN)> GSX ---(GW2GW)-> SBC --(SIP)-> Egress Peer, with the PSP setting as "transcode only" and RTCP enabled, the SBC does not send RTCP packets towards the egress.

Root Cause: Due to changes made for a previous feature SBX-6366, the SBC does not mark the XRES resource as duplex and marks it as receive only. As a result, the SBC does not send RTCP towards egress.

Steps to Replicate:

1. Reproduce the problem in following call flow:
   Ingress Peer -- SIP -- GSX -- GW2GW -- SBC -- SIP -- Egress Peer
   This transcode only call and RTCP is enabled.
   Result: No RTCP sent by the SBC to egress.
2. Verify the issue by applying SamP with GWFE change but not change in ScmP.
3. Use the same setup. RTCP traffic was sent from the SBC to egress.

Platform/Feature: SBC

Portfix SBX-89741: There was a CPX core during an upgrade from V05.01.05R000 to V07.02.01R001.

Impact: The LSWU CLI command returned in a failure due to a failure to create package sub-dir under the external directory, but the upgrade continued on the backend.

Root Cause: The upgrade script needs to be fixed here to stop the upgrade and exit if the CLI command returns with a sub-dir creation failure.

Steps to Replicate: Test the LSWU to the fix version and verify if the upgrade is successful.

Platform/Feature: SBC

Multiple switchovers causes non 5060 sipSigPorts to become inactive.

Impact: When a user configured >= 2 SIP Sig ports with same IP address but different port numbers, and they are using the same LIF group that contained 1 LIF, the pkt down triggered a switchover and it stayed down for extended time. After the pkt UP, a second switchover occurred, then only one Sig port went in service. The other Sig ports were stuck in OOS.

Root Cause: Since the pkt port was DOWN when the new standby node came back online, the SIP sig ports were restored while LIF was OOS. So address registrations were failed. After the SIPCM has reached a max number of retries, the LADDRs of the Sig ports, except the first one, were deleted in the NRS context.

When the pkt port came UP, the NRS brought LIF into service and registered the only one signaling address saved in the NRS context.

Steps to Replicate:

Test steps:
1. Configure 2 VLANs on the YF or BF pkt2.
2. Configure 4 SSPs on the first VLAN interface; 4 SSPs on the second VLAN interface. 4 SSPs use the udp/tcp port numbers 5060, 5160, 5260, and 5360 with the same IP address
3. Run the Sbxstop command.
4. Unplug the packet ports - YF pkt2
5. Run the Sbxstart command.
6. Display the SSPs on VLAN interfaces.

Platform/Feature: SBC

1. The code is modified to only delete LADDR before reaching the max number of retries.
2. Restore the pendingNrsReq flag properly when the address registration failed.

After the LDG triggered a switch over, the SBC is rejecting all the register message with a 500 internal error.

Impact: The SCM process may coredump when the SIP signaling port was being used during a SIP registration call flow is state disabled.

Root Cause: The SCM process core dumped when it attempted to display a debug warning message that contained the disabled SIP signaling port number (but encountered a NULL pointer).

Steps to Replicate: The steps cannot be reproduced.

Platform/Feature: SBC

The SCM fast memory increase causes a delayed switchover with an outage.

Impact: If a multilevel INVITE with Replaces is run, the memory and CPU utilization by the Scm Process increases drastically and leads to a core dump.

Root Cause: Each INVITE with Replaces is a new Callgroup. Each call group has its own segments. For each segment, there are associated segments.

When a Release call is invoked, it releases all segments and each call segment frees the associated call segments.
During the release flow for such a call CC_EV_ASG_DISC_CMD event is posted multiple times for various orig and term GCID’s.

Please note that this ultimately frees up everything although the memory and CPU utilization shoots up.

Steps to Replicate:

1. Test multilevel INVITE replaces (more than 15).
2. Crash will not occur.

Platform/Feature: SBC

Now in the CC state machine, the CC_EV_ASG_DISC_CMD event is not posted multiple times for the same original and term labels. This leads to drastically reducing the looping, while also ensuring that all call segments (and associated segments) are freed.

The SBC fails to relay the 18x/2xx towards the ingress when the SBC is configured to play tone.

Impact: The SBC Fails to relay the 18x/2xx in case of the MSRP call when tone is configured. The SBC tries to allocate tone Resources even though the Audio stream is not present.

Root Cause: The SBC is going for Tone allocation, even though audio stream is not present.

Steps to Replicate: Run a MSRP call with the tone configured.

Platform/Feature: SBC: Application

Portfix SBX-91871: The metavar was assigned to none.

Impact: When only one of the nodes detects a network glitch in the N:1 setup, usingMetavarsOf field of the other node is set to none.

Root Cause: A metavar response message is not sent from the node that did not detect the network glitch.

Steps to Replicate: Bring down the HA link for less than 5 seconds such that only one node detects the network glitch.

Platform/Feature: SBC

Unable to establish the same number of sessions after the switchover.

Impact: Calls were getting cleared under load conditions after a switchover in the first gateway in a GW-GW setup.

Root Cause: When sessionKeepAlive is set and the SBC switched over, the SBC starts sending refresh INVITEs to the endpoints. Since this is a GW-GW setup, in such scenario's, the newly active GW-1 will send call processing messages to the GW-2. There was an issue in call processing at the GW-2 that resulted in call failures.

Steps to Replicate:

1. Create a SBC GW-GW setup and enable the sessionKeepAlive.
2. Establish a call load of more than 25K and once the call is stable, perform a switchover at the GW-1.
3. Calls will start failing

Platform/Feature: SBC

The SBC picks up an incorrect TG for incoming non-INVITE requests and responses to non-INVITE requests.

Impact: The SBC is picking up the wrong trunk group for incoming messages.
This is specific for a rare configuration when there is only 1 sigport sharing multiple trunkgroups, and the same peer source address routing traffic to different trunkgroups.

Root Cause: When the SBC processes inbound/outbound messages, it puts the TG into the cache table for processing after the response. In this case, there are two trunkgroups that swap back and forth for the same peer address. As a result, a subsequent request OOD may pick up the wrong TG due to registered end point.

Steps to Replicate: 

1. Run a configuration where there is only 1 sigport sharing multiple trunkgroups, and the same peer source address routing traffic to different trunkgroups.
2. Call B was sharing the same signaling port and the same peer IP.
3. An OOD to the SBC and route back to A.
4. Both outbound cases are using different TGs.

Platform/Feature: SBC

An incorrect transparency functionality causes calls to fail.

Impact: The To header transparency becomes active and launches a successful ENUM query may cause an incorrect RURI format. 

Root Cause: The RURI build was based on the To header.

Steps to Replicate: Enable the To header transparency and PSX ENUM LNP response may contain an empty “Called URI”.

Platform/Feature: SBC

Portfix SBX-98992: The EMA logs are not being copied in SysDump, however, the folder is there.

Impact: The EMA logs are not captured by the sysdump. 

Root Cause: The EMA log location was changed in the 6.0.0 and the sysdump was never updated with the change.

Steps to Replicate: Run sysdump and verify the EMA logs are captured.

Platform/Feature: SBC

The EMA response time on the SBC 7.2.3 release is very high.

Impact: The EMA response time on the SBC 7.2.3 release is very high.

Root Cause: Making more than six TCP calls at a time from the browser.

Steps to Replicate: 

1. Log in to EMA.
2. Route from Configuration->System Provisioning-> Routing

A user can see the efficiency of screen loading.

Platform/Feature: SBC

The Scm Process cored.

Impact: When the pathcheck timeout, and the SBC is unable to find a zone, the SBC may core.

Root Cause: Access the null pointer.

Steps to Replicate: The steps cannot be reproduced.

Platform/Feature: SBC

The Wall Comcast PM-SBC memory increasing.

Impact: There is a memory leak in the PRS. The structures associated with certain interprocess messages are leaking.

Root Cause: The structures associated with certain interprocess messages are leaking because these structures were not being freed.

Steps to Replicate: The steps cannot be reproduced.

Platform/Feature: SBC

The SIP to SIP call no ring back tone passed to the ingress when PEM header is enabled on egress endpoint.

Impact: There was no RBT when the PEM header is enabled, the Split 18x moves into alerting and progress flag is enabled.

Root Cause: This flow was never tested with flag, and with Split 18x into alerting and progress.

Steps to Replicate: Setup call with PEM enabled on the egress and with Split 18x flag enabled.

Platform/Feature: SBC

The caller SBC cancels the call after a 180 : 504 to the ingress, and CANCEL to egress.

Impact: A late media convert call with the DLRBT is not working.

Root Cause: A bad resource activation.

Steps to Replicate: Setup a late media convert call with the DLRBT enabled.

Platform/Feature: SBC

Portfix SBX-95874: The SBC's dump SCM process when running a MSRP call with the LI enabled.

Impact: The SCM process dumps when running a MSRP call with the PCSILI enabled.

Root Cause: The SBC sends an invalid Stream ID for non audio calls in NrmaDsbcSendDummySplitterCmd() and NrmaDsbcSendSplitterCmd() when invoking NrmaDsbcIssueXresCmd(). In the M-SBC, when processing the same correct stream, the EP res is not fetched because of an invalid stream ID and is why the SYS_ERR is triggered.

Steps to Replicate: Running a MSRP call with the PCSILI enabled.

Platform/Feature: SBC

The wrong codec selection for the LRBT when one 183 with the SDP followed by two 180 Ringing.

Impact: The Ingress Trunk had theSIP-I and LRBT enabled and the Egress side Trunk is configured with the SIP.

The transcode conditional is enabled and the AMR-WB , AMR ,G711 and G729 are present in the Ingress and Egress Route PSP. Transcoding for AMR and AMR-WB is disabled but enabled for the G711 and G729.

After the INVITE OFFER is relayed by the SBC to Egress, the SBC receives the 183 with pcma followed by two 180 ringing alerts from the Egress.

The SBC should send 183 with PCMA in the SDP but instead it sends amr-wb, the first codec from the Offer, to the Ingress and as a result the tone is played in AMR-WB, which is incorrect.

Root Cause: For every 180 ringing alert received from the Egress, the tone is stopped and restarted. During the second tone restart, the SBC makes a new Offer with a Route PSP and discards the current answer received from the Egress Peer.

Steps to Replicate: The steps cannot be reproduced.

Platform/Feature: SBC: SIP Applications

Portfix SBX-97856: A bad Update sent by the SBC to Ingress during the LRBT.

Impact: The SIP-I on the Ingress TG and the SIP on the Egress TG.

With the transcode conditional enabled, the AMR-WB transcoding disabled in PSP and LRBT enabled, when making a call, during the LRBT, the Egress peer sends an update with change of media port but the SBC sends unwanted UPDATE towards ingress side with the AMR-WB / 16k DTMF

Root Cause: After an update followed by 180 ringing alert is received from the Egress Peer with change in the port only, the SBC generated a new Offer to the Ingress with a Route PSP codec preference of AMR-WB discarding the active codec PCMA already negotiated.

Steps to Replicate: The steps cannot be reproduced.

Platform/Feature: SBC

Portfix SBX-94395

Impact: RTCP Packets discarded.

IPv6 to IPv4, NAT enabled on V6 side – RTCP Packets discarded for Audio+T140 call after call modify.

Root Cause: For non-audio streams call-modify scenarios, the optional spec flag to mark the IP version was not set in the NP Interface.

Steps to Replicate: None.

Platform/Feature: SBC

A SCM leak on the Standby.

Impact: The SCM may leak memory in calls with a SIP Relay and FQDN. The memory used to store the Domain information may be leaked.

Root Cause: There is an edge case where the memory used to store the Domain information for a SIP Relay call is not being freed.

Steps to Replicate: This issue has been found by a code inspection and the steps to reproduce this case have not been identified.

Platform/Feature: SBC

Portfix SBX-94512: The RTCP packets count is not getting populated consistently in the callMediaStatus.

Impact: With the RTCP relay monitoring feature, sometimes the RTCP packets are not relayed or discarded.

Root Cause: In the SWe NP, due to endian alignment code issue, the RTCP mode configuration flags were not set as per the call flows enable/modifications.

Steps to Replicate: This is sporadic, when multiple times RTCP REL MON call flows, modifications tried it might occur.

Platform/Feature: SBC

The SipSgProcessRelayRequestPrimitive: relay an INVITE without the cpcOrigMsgInfoPtr.

Impact: A increase in the DBG logs filling up with SipSgProcessRelayRequestPrimitive messages.

Root Cause: In case of an End2End Re-INVITE, the log message does not have any impact.

Steps to Replicate: The log level changed on the basis of code analysis and description.

Platform/Feature: SBC

A large increase in sonusSbxSscsRouteFailureWithoutGapNotification2 traps.

Impact: When the PSX has more than 10 routes configured and the SBC receives those routes in multiple PSX responses and if all the routes fail, the SBC still makes additional diameter query towards the PSX. This causes the PSX to send an error: No Routes in Cache to the SBC. The SBC logs a trap after receiving No routes in the cache error.

Root Cause: The SBC makes an additional query to the PSX even after the PSX sent all the routes.

Steps to Replicate:

1. Configure more than 10 routes on the PSX Routing Label (11 routes for example).
2. All 10 routes fail.
3. The SBC sends another query to get more route and those fail as well.
4. The SBC still send additional query to the PSX which fails because the PSX have returned all the

Platform/Feature: SBC

Portfix SBX-93967: Direct dial to a call queue, and then transfer to agent fails.

Impact: For the PSTN to Teams calls, when Teams was triggering an INVITE with replaces, perform a subsequent REFER. The SBC was not relaying the REFER-TO information from the REFER message to the subsequent INVITE. This was resulting in the wrong information being sent back to MS Teams and the call failed.

Root Cause: The SBC was not relaying the REFER-TO information from the REFER message to the subsequent INVITE.

Steps to Replicate: In a MS Teams setup run a call Q and transfer scenario where the call originates from the PSTN side.

Platform/Feature: SBC

External PSX became active after a switch over, though it was the OOS prior to the switch over.

Impact: When changing the multiple remote policy servers' mode together in one "commit", some of the server's operational stats in the standby node might not be synced.

Root Cause: When one of the remote policy servers' mode was being changed from the OOS to active, the standby node will not try to register with this server, and the iteration of all mode change servers will be stopped. This causes the rest of the servers, whose operStats have not been changed and remain unchanged. Therefore, the operStats of these servers at standby node will be out of sync with the active node.

Steps to Replicate:

1. In a working HA, provision at least 3 working remote policy servers.
2. While keeping the admin stat at enabled, only keep 1 of the servers mode as active, and rest are out of service.
3. Change those servers' mode, commit only after all the set commands finished.
4. Display the status using the 2 commands below:
   "show table system policyServer remoteServer"
   "show table system policyServer policyServerStatus"
5. Perform a switchover.
6. Repeat step 4. The operStat will be different from step 4.
7. Making call load, may be a load call rate, when the Node A is active, and then when the Node B is active. When the Node B is active, the policy request may still be sent to the remote server that you have already made the OOS when the Node A was active.

Platform/Feature: SBC

Calculated the size of a buffer as too small and error logs were being generated post upgrade.

Impact: Removes this incorrect log message:

SipsRedGetCallControlSizeCmd()
Minor .SIPSG: *SipsRedMirrorCallControlCmd: Potential for buffer
format ERROR. Available:16076 Calculated:383 Packed:277

Root Cause: This message is logged incorrectly when the code is calculating the size for a Redundancy message.

Steps to Replicate: The steps cannot be replicated.

Platform/Feature: SBC

The code is modified to remove this incorrect log message:

SipsRedGetCallControlSizeCmd()
Minor .SIPSG: *SipsRedMirrorCallControlCmd: Potential for buffer
format ERROR. Available:16076 Calculated:383 Packed:277

Portfix SBX-93456: The SWe NP worker has a segfault.

Impact: There is an issue in the SBX-93456, where the SWe_NP was crashing multiple times due to the skb_work->skb corruption.

Root Cause: There is a point in normal media processing ( RTP and RTCP path), where an update to skb_work->skb from addr_ptr that is not necessary, may corrupt the skb_work->skb.

The corruption occurs in the path of processing RTCP XR packets, where the addr_ptr moves ahead by a few bytes, but the UPP processing expects the mbuf address to be present back at the 58 bytes from addr_ptr.

Steps to Replicate: Run JIO scenarios.

Platform/Feature: SBC

The RTP Inactivity Timer fires early upon performing a port switch-over on the M-SBC.

Impact: If a call starts out with no RTP packet at all, the RTP Inactivity Notification is triggered earlier than the configured threshold. This is only observed on the SWe SBC.

Root Cause: The timestamp used for inactivity detection is not set when the media resource is enabled in the network processor code.

Steps to Replicate: Run a test that establishes a call where the ingress peer does not send RTP. There are no switchovers or other events and the calls are disconnected before the timer expires. The timer is set to 30 seconds.

Call service Duration with a disconnect 145.

Platform/Feature: SBC

The SBC fails to route in advance to the 13th route.

Impact: When the PSX has more than 10 routes configured and all routes in the first policy response fail due to an internal cause, the call fails because the SBC cannot handle more routes correctly.

Root Cause: When the PSX has more than 10 routes configured and all routes in the first policy response fail due to an internal cause, the SBC's NRMA subsytem returns with an allocation failure.

Steps to Replicate:

1. Configure more than 10 routes on the PSX.
2. Force a failure on the first 10 routes due to an internal error.
3. Verify the call gets established on the routes in second policy response.

Platform/Feature: SBC

Portfix SBX-91398: The ASAN heap-use-after-free on the address DnsClientQueryServerCmd.

Impact: The DNS client running in the SBC while trying to query the DNS server, tries to identify the transport protocol used. If the query fails on the first server, it accesses the first DNS server's data structure to get the type of transport protocol.

Root Cause: This issue was reported as part of the ASAN Testing on the DNS regression suite in the SBC lab.

Steps to Replicate: This issue was found while running the DNS regression test suites.

Platform/Feature: SBC

The SBC fails to relay the 4xx-6xx responses when the IPTG authentication is enabled - all SIP causes are mapped to the CPC176 CPC_DISC_TG_AUTH_FAIL.

Impact: When the IPTG authentication is enabled, the SBC maps all the 4xx-6xx SIP codes to the CPC 176. The SBC is unable to relay the cause code from the egress to ingress endpoint.

Root Cause: When the IPTG authentication is enabled, the SBC maps all the 4xx-6xx SIP codes to the CPC 176.

Steps to Replicate:

1. Egress sends the 183 Session Progress.
2. Egress sends the 486 Busy Here.
3. The SBC does not send the 486 Busy code to Ingress.
4. Instead, sends the 599 that is mapping of 176 ( CPC_DISC_TG_AUTH_FAIL, which is CPC code) to Ingress.

With a fix, the SBC sends the 486 buys to the ingress correctly.

Platform/Feature: SBC

The SAM Process cores when the SNMP walk commands are executed during the TLS load.

Impact: When the getTlsSessionStatus command is executed when the TLS load is running, it will result in a SAM Process core.

Root Cause: The issue is because the SIPCM expects the SSL_get1_session() to increment the reference count of the SSL socketPtr. After the SIPCM returns from the SSL_get1_session() tries to decrement, the reference count during the time the socketPtr was deleted by another thread, which results in a double free.

Steps to Replicate: The steps cannot be reproduced.

Platform/Feature: SBC

The SIP OPTIONS was not responding after a failover.

Impact: A syntax error message during a switch over is unable to respond.

Root Cause: Internal messages drop due to other subsystems not being ready to process the message. Subsequent messages are stuck in the queue.

Steps to Replicate: Simple ping Options messages during a switchover.

Platform/Feature: SBC

The IPv4 Path MTU Discovery (RFC1191) was not working.

Impact: The IPv4 Path MTU Discovery (RFC1191) does not work.

The SBC uses the MTU of the outgoing network interface as the Path MTU.
Without the fix, the SBC does not update the Path MTU properly even if a router in the path sends "ICMP Destination Unreachable Fragmentation Needed" message with a smaller Path MTU value. The large packets requiring fragmentation to fit the Path MTU from the SBC will not reach the SIP peer.

Root Cause: In performing a route/fib, lookup in the updating Path MTU from "ICMP Destination Unreachable Fragmentation Needed" message did not consider the ipInterfaceGroup and addressContext. This resulted in not updating Path MTU of the proper route entry to the peer.

Steps to Replicate: The SBC sends IP packets of a length 1500 bytes toward the SIP peer when a path to the peer has a smaller MTU (e.g. 1400 bytes). A router with the smaller MTU sends "ICMP Destination Unreachable Fragmentation Needed" to the SBC. The SBC, with the fix, adjusts the Path MTU, performs the fragmentation and sends fragments to the SIP peer.

Platform/Feature: SBC

The lwresd process on the active node is killed when a reboot is issued.

Impact: When a reboot is issued at the command prompt on the active node, the slwresd process is killed prior to it being properly shutdown. This causes a delay in reboot processing as the system goes through a fault recovery processes rather than an expedited shutdown.

Root Cause: The reboot wrapper that kills a non-SBC processes and using the drbd mount point was inadvertently killing the swlresd process.

Steps to Replicate: On the active CE, issue a reboot at a command prompt.

Platform/Feature: SBC

A large number of TLS error messages were in DBG log.

Impact: The following log message was filling logs due to being incorrectly logged at the MINOR level (when it should have been at INFO level):

Minor .SIPSG: sipsgUtils.c (-27373) 27050. SipSgLogLevel4: missing callId need to parse

Root Cause: The following log message was incorrectly being logged at the MINOR level (when it should have been at INFO level):

Minor .SIPSG: sipsgUtils.c (-27373) 27050. SipSgLogLevel4: missing callId need to parse

Steps to Replicate: The only change was to change a log message from MINOR to INFO - there was no testing necessary.

Platform/Feature: SBC

The code is modified to change the following log message from MINOR to INFO:
Minor .SIPSG: sipsgUtils.c (-27373) 27050. SipSgLogLevel4: missing callId need to parse

Portfix SBX-89018: The ASAN heap-buffer-overflow in the CpcOptionalParameterSave from the SipSgCopySipUrlToCpc

Impact: When an INVITE arrived to start a new call, the SIP service group control "callRouting useRouteSet" is set to the value of "received" to try and route the call based on the routeset in the INVITE. While processing the URI information in the header and trying to map it into internal structures, the code was reading off the end of a memory block. This setup can cause a crash if the memory block is at the end of the heap.

Root Cause: The code was trying to apply a 4 byte alignment to the internal parameter length after the memory had already been allocated. This meant that sometimes, the parameter length got set to a larger value than the memory block size.

Steps to Replicate: This problem was identified while running ASAN testing in the Ribbon lab and cannot be reproduced using normal images.

Platform/Feature: SBC

A backup/restore file cannot be downloaded from the EMA if the file name contains a dot (.).

Impact: A backup/restore file cannot be downloaded from the EMA if the file name contains a dot (.).

Root Cause: In the downloadSavedConfig block, making an API call both the time (Running on the SBC or running on the EMS).

Steps to Replicate:

1. Login into EMA.
2. Navigate to
   Administration -> System Administration -> Backup/Restore
3. Download the Backup file.

Platform/Feature: SBC: EMA

Portfix SBX-72499: The PesP cored on the active node.

Impact: The PesP cored on the active node.

Root Cause: The Ref count is getting incremented and once it reached the max value, it is becoming zero and destroying the object in one thread. At the same time, the other thread is accessing the object and crashing.

Steps to Replicate: Keep running calls for a longer time by using only one IpSignalingProfile.

Platform/Feature: SBC: Application, ERE

Portfix SBX-95097: The SBC is sending incorrect RACK in the PRACK for a Late Media Call.

Impact: The SBC is sending incorrect RACK in the PRACK for a Late Media Call.

Root Cause: Whenever the PRACK with SDP comes as an answer, the PRACK entry holding RSEQ details is not getting removed from the list while being sent out, because of any subsequent 18x/PRACK without SDP coming out at the same time; the SBC is adding old RSEQ in RACK.

Steps to Replicate: Late Media call with first 18x and PRACK with SDP followed by an 18x and PRACK without SDP.

Platform/Feature: SBC

Missing the Egress Response Code in the Field 59.19.

Impact: Egress error response code is not updated for the SIP response “487 Request Cancelled” in the field number 59.19 in ATTEMPT CDR record.

Root Cause: In the “487 Request Cancelled” case, because there is no CANCEL sent for the INVITE, the correct function is not called that is responsible for adding field number 59.19 in the ATTEMPT CDR record.

Steps to Replicate: Set up the SBC to make a simple call flow as below, and check the CDR for field 45.19/20 and 59.19/20:

UAC.xml SBX UAS.xml
| | |
| INVITE | |
|=======>| |
| 100 | |
|<=======| |
| | INVITE |
| |=====>|
| | 487 |
| |<=====|
| | ACK |
| |=====>|
| | |
|480 | |
|<=======| |
| ACK | |
|=======>| |

Platform/Feature: SBC

Portfix SBX-95749: The SBC is not adding the Contact header in the 200 OK of UPDATE for a session refresh UPDATE.

Impact: The contact header is missing in the 200OK sent by the SBC for a session refresh UPDATE (an UPDATE without SDP or an UPDATE with the same SDP as last SDP).

Root Cause: The contact header is missing in the 200OK sent by the SBC for a session refresh UPDATE (an UPDATE without SDP or an UPDATE with the same SDP as last SDP).

Steps to Replicate:

1. Enable the E2E Update.
2. Trigger an UPDATE without SDP or an UPDATE with same SDP as last SDP.

Platform/Feature: SBC

The SBC was using the incorrect SIP signaling port for the challenged SUBSCRIBE.

Impact: When the usePortRangeFlag is enabled, the SBC may use an incorrect SIP Signaling Port when handling a SUBSCRIBE request with an Authorization header, in the REGISTER - SUBSCRIBE scenarios when the initial SUBSCRIBE request is challenged.

Root Cause: When the usePortRangeFlag is enabled, the SBC may use an incorrect SIP Signaling Port when handling a SUBSCRIBE request with an Authorization header to the egress peer.

Steps to Replicate:

Provision the SBC to support CUCM (Cisco Unified Connection Manager) .
Ingress zone / sipTrunkGroup:
set addressContext default zone ZONE2 sipTrunkGroup SBXSUS4_LABSIP1 signaling registration requireRegistration required
set addressContext default zone ZONE2 sipTrunkGroup SBXSUS4_LABSIP1 signaling usePortRangeFlag disabled
set addressContext default zone ZONE2 sipTrunkGroup SBXSUS4_LABSIP1 signaling psxRouteForSubscribe enabled
commit

Egress zone / sipTrunkGroup:
set addressContext default zone ZONE4 sipTrunkGroup SBXSUS4_LABSIP2 signaling registration requireRegistration none
set addressContext default zone ZONE4 sipTrunkGroup SBXSUS4_LABSIP2 signaling usePortRangeFlag enabled
set addressContext default zone ZONE4 sipTrunkGroup SBXSUS4_LABSIP2 signaling psxRouteForSubscribe disabled
commit

set profiles signaling ipSignalingProfile DEFAULT_SIP commonIpAttributes relayFlags dialogEventPackage enable
commit

Perform REGISTRATION.

Perform a challenged SUBSCRIBE.

Platform/Feature: SBC

Co-existence of 4xx-6xx IPSP flag and Subscribe crankback is not working.

Impact: Out of dialog message fails to crankback when the relay 4xx-6xx is enabled.

Root Cause: The relay flag must not take precedent.

Steps to Replicate: Configure the crankback and enable relay 4xx-6xx flag. The subscribe response with failure must be able to crankback.

Platform/Feature: SBC: SIP

Portfix SBX-95941: An unknown header transparency flag interaction with Tagging.

Impact: STIR-SHAKEN related headers are duplicated when the STI service type is tagging and transparency is enabled.

Root Cause: This scenario was not handled when STIR-SHAKEN was supported in 7.2.0.

Steps to Replicate: STI Profile is assigned on Ingress and Egress TG, on Ingress STI Profile “Override P-Headers with configured values”  flag is enabled.

In egress IPSP (IPTG section) “Unknown header” transparency flag is enabled.

Platform/Feature: SBC

Portfix SBX-91996: The SBC fails to send a=fmtp parameter towards the UAC, when the SBC received a=fmtp parameter above a=rtpmap in the answer from UAS.

Impact: The SBC fails to send a=fmtp parameter towards the UAC, when the SBC received a=fmtp parameter above a=rtpmap for the Dynamic Payload in answer from the UAS.

Root Cause: When the FMTP line is received prior to the RTP line for a dynamic payload, Internal Logical issue is causing the issue. When the string holding FMTP line is terminated with \0, the SBC unable to parse manually.

Steps to Replicate:

Test Configuration:
==============

1. The SBC must be configured to handle the AMR passthru call.
2. The transcoding must be set as conditional.

Test Procedure:
=============

1. The UAC sends Invite with AMR WB codec.
2. The UAS sends 180 Ringing with AMR with following SDP:

m=audio 6084 RTP/AVP 106 100
a=fmtp:106 mode-set=0,2,5,7;max-red=0
a=rtpmap:106 AMR/8000
a=rtpmap:100 telephone-event/8000

Platform/Feature: SBC

Portfix SBX-93360: The SBC was sending an INVITE with the SRTP instead of RTP.

Impact: The SBC is sending the SRTP instead of RTP.

Root Cause: The intersection of working PSP and peer PSP does not take place in the stream absent case. The SRTP values are never updated.

Steps to Replicate:

1. Create a UAC with RTP.
2. Create two UAS with SRTP param.
3. Send a port =0 for hold response.
4. Check if the SBC is misbehaving while sending an INVITE to release hold from the far end.

Platform/Feature: SBC

Portfix SBX-71623: The SMM header criteria not matching complete header value.

Impact: The SMM header criteria was not matching complete header value, it is only checking for the value between <>.

Root Cause: The SMM value being checked is enclosed between <>.

Steps to Replicate: Write a criteria on the header value and the issue will be displayed.

Platform/Feature: SBC: Application

Portfix SBX-85852: The "Timeout detected -- Forcing read/write access" occurred during switchovers.

Impact: The message "Timeout detected -- Forcing read/write access" is observed during switchovers.

Root Cause: This message is logged on the NBI timer expiry (after 2mins) and configuration changes were allowed before the DBs are in sync. This occurs when standby initialization takes longer.

Steps to Replicate: Install the SBC with the fix build and perform a switchover. Ensure there is no timeout message and that configuration changes are allowed only after the DBs are in sync.

Platform/Feature: SBC

Disable media lockdown does not suppress the media lockdown re-INVITE when the SRTP is enabled.

Impact: If the SBC offers crypto, and peer does not reply with crypto in the answer, a re-INVITE is sent to lockdown the crypto attribute (no crypto). If NAT is enabled, there is one second media drop while re-learning for the new re-INVITE is happening. For non-NAT cases, nothing will be observable except for signaling change.

Root Cause: This issue was SBC's original behavior.

Steps to Replicate:

1. Setup the SBC so that it sends a crypto in offer.
2. In the answer from the peer - do not send any crypto attribute.

Without a fix, the SBC will send another re-INVITE if the fallback to unencrypted is allowed. With a fix, this extra re-INVITE will be suppressed.

Platform/Feature: SBC

The R-URI in NOTIFY messages was not using the correct port number in case of TLS.

Impact: The SIP NOTIFY messages relayed through the TLS, may contain a R-URI that uses the SIP signaling port number verses the TLS port number.

Root Cause: The relay software used the SIP signaling port number instead of using the TLS port number.

Steps to Replicate: The steps cannot be reproduced.

Platform/Feature: SBC: Call Control

When the SBC receives route header with a port and TLS, it increments the port number.

Impact: When the SBC receives route header with a port and TLS, it increments the port number.

Root Cause: The SipSgPopulateAndSendToEgress() incorrectly increments the TLS signaling port number, when an out-of-dialog SIP OPTIONS message being relayed contains a "transport=TLS" parameter in the top most ROUTE header, and TLS transport is used.

Steps to Replicate: When the SBC receives OPTIONS with the Route header, the SBC relays that OPTIONS to a Port+1.

Platform/Feature: SBC: SIP

The PrsP cored on the standby SBC node.

Impact: The standby PRS process core was triggered from the XRM, when processing the XRM_DEALLOCATE_CMD_MSG from the standby SIPFE before the XRM has received the RTM_SYNC_TO_ACT_START_NFY_MSG.

Root Cause: There were many registration bind timeouts reported on the active SIPFE that triggered deallocation of the registration blocks and closing of port range connections. An active SIPFE mirrored the port range connection close requests to the standby SIPFE that triggered XRM_DEALLOCATE_CMD_MSG being sent to the standby XRM. The bug was that active SIPFE used regular ICM alloc/send mechanism to send the redundancy requests while standby node was in the middle of sync to active node.

Steps to Replicate:

1. HA pair, SIP registration load test, with high number of registrations.
2. Cause registration binding timeouts.
3. Restart the standby node.

Platform/Feature: SBC

The 4 SCMs cored after switchover.

Impact: The SCMs have cored after a switchover.

Root Cause: There is a bug that allows the RTM to attempt to process the Call Audit fault while still in the STANDBY mode. Since the Call Audit fault must only be processed while in the Active Mode - this causes a core.

Steps to Replicate: The steps cannot be reproduced.

Platform/Feature: SBC

Portfix SBX-74922: Modem calls failing when the DSP engaged in the ingress SBC.

Impact: The Bell 103 Modems in a G711-G711 transcoded call does not succeed.

Root Cause: The SBC G711-G711 transcoded calls perform a DTMF detection and the removal operation that can falsely remove some short signals, which is fine for speech perception but can affect modem signals that have similar characteristics of some modem signals. The SBC has signal detector for more modern modem that send a 2100 Hz tone to precede actual modem transmission. Once that is detected, the DSP media handling disables the DTMF removal. The SBC, however, does not detect older modems that sends a 2225 Hz signal in the beginning.

Steps to Replicate: 

1. Make a G711-G711 forced transcoded call. Ensure that both legs have the DTMF remove enabled (dspchanstat).
2. Use modem2225g711.pcap that has the modem signal captured from the customer in the ingress.
3. Collect the media capture for the call and inspect the dspchanstat, as well as the output signal from egress.
4. The dspchanstat and faxconfirmed field show 0x0. Signal output shows drops in the FSK modem signal between 18.72 and 19.65.

Platform/Feature: SBC

Port the fix for SBX-86420 to 6.2 and 7.2 code branch.

Impact: Whenever the TLS transport is selected, the SBC is trying to increment FQDN port by 1. In this case, even when FQDNPort is Zero in SIPSG/SIPS, the port is incremented by 1. So the FQDN port is set 1 because of this SRV query is not sent to the DNS server.

Root Cause: Whenever the TLS transport is selected, the SBC is trying to increment FQDN port by 1. In this case, even when FQDNPort is Zero in SIPSG/SIPS, the port is incremented by 1. So the FQDN port is set 1 because of this SRV query is not sent to the DNS server.

Steps to Replicate:

1. Send an INVITE with the TGRP parameters in R-URI.
2. The SBC sends the TGRP information to the PSX.
3. The PSX does TGRP based routing and sends route.
4. The SBC must send the SRV query to the DNS to resolve port and IP details when egress peer is FQDN.

Platform/Feature: SBC

Portfix SBX-96170: When the SBC executes a "Teardown" to UPDATE request by the SMM, the To header and From header of response are malformed.

Impact: Write an SMM Rule to do a teardown on an UPDATE Request and Error Response has Malformed headers.

Root Cause: When a server request of UPDATE request is saved, optional headers are not being saved.

Steps to Replicate: Write a SMM rule to tear down update request with the 415 and the issue will be reproduced.

Platform/Feature: SBC

The direct media (release) not working, no x-dmi to BSFT in the 200 OK while the 18x has it.

Impact: The 200OK behindNapt and direct Media support is unable to treat as direct media.

Root Cause: The issue is due to an internal offer/answer update after the first 18x, the previous flags for behind NAPT was lost.

Steps to Replicate:

1. Ingress configuration behind Napt and direct Media support.
2. Egress sends the SRTP Invite and peer response 18x with non-secure RTP. Subsequent 18x/2xx sent to ingress is missing x-dmi line.

Platform/Feature: SBC: Media, Platform, SIP

To TAG broken when dialogTransp enabled and downStreamForking enabled.

Impact: When the dialog transparency, downstream forking and end to end PRACK is enabled, the SBC intermittently sends incorrect tagging in outgoing PRACK towards the egress.

Root Cause: A previous fix (SBX-63508) tries to address the scenario where downstream forking is enabled, dialog transparency is enabled and the 183 for the second dialog comes before PRACK when the first dialog is sent. But the pstCall structure was pointing to memory that may have been freed and re-used for storing some other SIP Message. So the To Tag sent from the SBC in an ACK message was incorrect.

Steps to Replicate:

1. Enable Downstream forking, dialog transparency and E2E PRACK.
2. Outgoing ACK from the SBC to egress has incorrect to Tag.

Platform/Feature: SBC: SIP

Portfix SBX-96448: ICE not getting completed when the simultaneous ringing is enabled.

Impact: When simultaneous ringing is enabled to multiple MS teams endpoints, in certain cases where the ICE STUN requests are received by the SBC before an SDP is received in signaling messages, ICE is not getting completed for the endpoint that answers the call resulting in media to and from that endpoint not flowing through the SBC.

Root Cause: The SBC answers the first STUN message with a use candidate and completes ICE learning for that endpoint. Subsequent stun messages from other endpoints with use candidate were answered but ignored for ICE learning.

Steps to Replicate: With simultaneous ringing enabled to two MS teams endpoints, initiate call through the SBC to MS teams and verify that irrespective of when the endpoint answers the call voice media can flow through the SBC. Test must be repeated around 10 times and call answered from a different end point each time.

Platform/Feature: SBC

Portfix SBX-95170: To allow early RTP ICE learning for the MS teams DLRBT media bypass scenarios.

Impact: In a media bypass call flow with the DLRBT enabled, if the MS Teams client takes a long time to answer the call, then the ICE processing does not complete. The MS Teams client never sends STUN with a useCandidate = 1 because it did not get responses to the previous STUN messages in the first ten seconds for the call.

Root Cause: For an outgoing call, the SBC was not enabling ICE learning and not responding to STUNs until an answer SDP is received.

Steps to Replicate: With MS Teams media bypass and DLRBT configuration on the SBC, make a call from PSTN to MS Teams and delay answering of the call for 30 seconds.

Platform/Feature: SBC

Upgrade set all the CNAM Trunks to a Subscribe Rate of 1.

Impact: When the LSWU upgrade is completed, the SIP Trunk Group CAC ingress/egress subscribeRateMax and subscribeBurstMax are over written with the registerRateMax and registerBurstMax values.

Root Cause: This is functionality that was added in the SBC V3.1 when the SIP Trunk Group CAC ingress/egress subscribeRateMax and subscribeBurstMax were first added (but the values were not set).

Steps to Replicate:

Configure SIP Trunk Group CAC ingress/egress subscribeRateMax and subscribeBurstMax, for example:
% set addressContext default zone ZONE sipTrunkGroup SIPTRUNK cac ingress callRateMax 1 callBurstMax 1 registerRateMax 1 registerBurstMax 1 callLimit 0 emergencyOversubscription 0 extendedEmergencyIpLimit 0 subscribeRateMax 10 subscribeBurstMax 20 otherReqRateMax unlimited otherReqBurstMax unlimited hpcOversubscription 0
% commit
% set addressContext default zone ZONE sipTrunkGroup SIPTRUNK cac egress callRateMax 1 callBurstMax 1 registerRateMax 1 registerBurstMax 1 callLimit 0 emergencyOversubscription 0 extendedEmergencyIpLimit 0 subscribeRateMax 10 subscribeBurstMax 20 otherReqRateMax unlimited otherReqBurstMax unlimited hpcOversubscription 0

Perform an LSWU upgrade.

See that the SIP Trunk Group CAC ingress/egress subscribeRateMax and subscribeBurstMax are now set equal to registerRateMax and registerBurstMax values.

Platform/Feature: SBC

After an upgrade, the SWAP partition has a wrong UUID.

Impact: The file /etc/fstab had an incorrect UUID for SWAP partition due to the timeout logs were seen on the boot-up.

Root Cause: As part of multiple upgrades going through different versions, the SWAP partition UUID has somehow been changed but the same is not reflected in fstab file.

Steps to Replicate: Install/upgrade to fix version and ensure there is no swap entry in fstab file and also there is no timeout logs.

Platform/Feature: SBC

The SMM writeCdr was failing to write to ATTEMPT CDR when acting upon 300 Multiple Choice.

Impact: The SBC is failing to write the SMM fields in the ATTEMPT CDR when acting upon the 300 Multiple Choice.

Root Cause: The code was missing to handle the SMM information for a Redirect Scenario in the CDR.

Steps to Replicate: Test Redirect cases, and ensure SMM CDR write operation is successful in ATTEMPT record.

Platform/Feature: SBC

Portfix SBX-94662: The SBC is unable to handle emergency calls (E911) when ICE is enabled.

Impact: When the call limit for ordinary calls is already consumed on a trunk group, a new 911 emergency call on that trunk group does not complete using the emergency call bandwidth if ICE is also configured on the trunk group.

Root Cause: An issue in software was not processing ICE data correctly when the call was transitioning from using ordinary bandwidth to using emergency bandwidth.

Steps to Replicate: With the SBC trunk group configured with ordinary call limit and additional emergency call limit and ICE enabled:

1. Establish as many calls as required routed via the trunk group to consume the ordinary call limit on that trunk group.
2. While the previous calls are active, initiate a new 911 emergency call to be routed via the trunk group and verify the call succeeds.

Platform/Feature: SBC: Media, SIP

Portfix SBX-96723: The Zone SMM Profile was not working when performing a sbxrestart/reboot.

Impact: The Zone SMM is not getting applied when performing a SBC restart.

Root Cause: The Zone SMM profile is not being restored during an SBC restart.

Steps to Replicate: Attach a Zone Profile with the fixed order, and run a call. The Zone SMM profile will be applied, and when performing a  SBC restart and running the call, the Zone SMM is not getting applied.

Platform/Feature: SBC

Portfix SBX-96937: Running the sysDump.pl on Openstack restarts the SBC.

Impact: Running the sysDump.pl on the 8.2.0R0 release on the SBC Openstack cloud platforms causes the SBC application to restart.

Root Cause: The openclovis is monitoring some files as markers, using notify and taking it down when the file open operations are done.

Steps to Replicate: Once the SBC application is up and running:

1. Run sysDump.pl and enter the default inputs.
2. The SBC application will not go down.

Platform/Feature: SBC

Portfix SBX-96939: The ImPr cored when the SBC was running a call load.

Impact: The SBC ImProcess cored when the LI server became unavailable.

Root Cause: When the LI server becomes unavailable and a large number of packets are queued up for that server, the ImProcess takes more than 10 seconds to clean up all those packets, and the process coredumps.

Steps to Replicate:

1. Establish a large number of LI calls.
2. Bring the LI server down.
3. Ensure that the ImProcess does not coredump.

Platform/Feature: SBC

7k DSP falsely detecting fax tone on music.

Impact: SBC falsely detects a modem tone (2100 Hz with phase reversals) for certain type of music.

Root Cause: Algorithm for modem tone detection first looks for 2100 Hz tone for 630 ms and a non-zero number of phase reversals. In certain type of rich harmonic tones, this results in large number of phase reversals. Typically for modem tones we expect no more than 2 phase reversals in 630 ms.

Steps to Replicate: Make g729 to g711 calls and stream the pcmu_stream1_withsilence3.pcap from the g711 leg.
Before a fix, a modem is detected on this signal as indicated in the dspchanstat.
tone2100PhaseRevCnt: 1.

Platform/Feature: SBC: DSP

The SBC does not send invite to subsequent routes in native forking when the SBC receives Invite with call-ID as "i".

Impact: An incoming short callId header "i" fails to send subsequent Invite for multi routes.

Root Cause: There was missing logic to look for callId header with a short name.

Steps to Replicate: Configure the native forking call and have incoming call with short name "i' for callId header.

Platform/Feature: SBC

TLS call failures were observed due to a port value set to 1 instead of 5061.

Impact: The SBC uses Port 1 for sending an INVITE out for the TLS protocol when the route header was received without a port.

Root Cause: The issue is because when the route header is received without a port in it, the SIPSG was incrementing the port for the TLS. Since the port was not received, the port received is considered as 0. For the TLS, increment by 1. When incremented, the port becomes 1 and this gets used for sending an INVITE that is resulting in calls failing.

Steps to Replicate: Send the Route Header without port Route: <sip:ipaddr:;lr>. The SBC will use port 1 for sending an INVITE that is causing the issue.

Platform/Feature: SBC

The code is modified to check when the port is received in route header or not.
If port is received, then increment the port for the TLS. If it is not received, then increment and allow the SIP stack to handle it.

Asymmetric PRACK Interworking was not working as described.

Impact: Whenever any codec entry is deleted from codec list in the PSP and in the PSX, it rearranges the codec list immediately. There will not be any empty codec entry in the list.

The same issue is in the ERE, so it can be treated as a bug in the ERE.

Root Cause: When any CodecEntry is deleted, it is not rearranging the CodecEntry, which causes a NULL value in that place.

Steps to Replicate:

1. Configure the CodecEntry1 ,CodecEntry2 to CodecEntry12
2. Delete any CodecEntry.

Result: The call will be successful.

Platform/Feature: SBC: ERE

Update scripts in the common/debian/install/sbx-install and orca/install.

Impact: Monit paths needed to be updated with the new definitions.

Root Cause: New definitions were introduced for monit paths.

Steps to Replicate: The steps cannot be replicated.

Platform/Feature: SBC

The LCA errors seen when the SBC is spawned.

Impact: A sbcDiagnostic.sh flags error in the LCA, because it greps for ERROR.

Root Cause: The keyKeeper.py prints in the lca.log ERROR whenever it is unable to delete a file that contains a pswd. The file may already be deleted or not even created, this may also throw error.

Steps to Replicate: Run the sbcDiagonostic.sh and check no errors are present from keyKeeper.py.

Platform/Feature: SBC

Portfix SBX-96471: While trying to become active on a switchover, the systrem rebooted since the DRBD could not be switched to the primary.

Impact: While trying to become active on a switchover, the systrem rebooted since the DRBD could not be switched to the primary.

Root Cause: The DRBD is configured so that whenever a low level error occurs, the DRBD will be detached and the dstate will become "diskless". This scenario was leading the standby for reboot.

Steps to Replicate:

1. Run "drbdadm detach mirror" on standby.
2. Perform a switchover.
3. The switchover will be successful.

Platform/Feature: SBC

Portfix SBX-70059: Support the HOLD/RESUME INVITE from the SIPREC SRS to pause and start pumping media towards the SRS.

Impact: With a second SIPREC server call hold, the RTP recording is not paused/stopped towards recording server.

Root Cause: With the RTCP snoop enabled, the NP API handler has an issue in handling the media snoop configuration update with a SIPREC hold.

Steps to Replicate: Test the SIPREC hold features with the RTCP snoop enabled.

Platform/Feature: SBC

Portfix SBX-90855: The ASAN has a new-delete-type-mismatch on the SrchCriteriaIb.

Impact: The ASAN has a new-delete-type-mismatch on the SrchCriteriaIb.

Root Cause: The srchCriteriaIbArray is a dynamically allocated array in the GUISERVER, but it was not released using delete, so it is reported by ASAN.

Steps to Replicate: Re-run the testcase in the ASAN build and verify that the issue is not reported again.

Platform/Feature: SBC

The IPACL causes a PRS deadlock.

Impact: The PRS process may coredump after the state disabling and enabling ACL rule(s), performing a switchover by powering the CE off immediately, and state disabling and enabling ACL rule(s).

Root Cause: The PRS used stale socket connections after the power off immediate switchover.

Steps to Replicate: Reproduce the PRS coredump issue by performing the following:

1. Create the ACL rule using the installed role active CE when the HA system is synchronized (full redundancy protection).
2. Perform a switchover to the installed roll standby CE.
3. Wait until the HA becomes synchronized (full redundancy protection).
4. Using EMA to installed roll standby CE:
   Disable the ACL rule
   Enable the ACL rule
   Disable the ACL rule
   Enable the ACL rule
5. Verify that the system is synchronized.
6. Power off the installed roll standby CE "Power Off Server - Immediate" using the BMC.
7. Using EMA to installed roll active CE:
   Disable the ACL rule
   Enable the ACL rule <--- PRS CORED

Platform/Feature: SBC

The SBC was not releasing the other leg when a call is disconnected during hold( MOH enabled).

Impact: The SBC was not releasing the other leg when a call is disconnected during hold( MOH enabled).

Root Cause: This is a race condition in the CC where the handler for the event ASG_DISC_CMD is not present, and for the CC state CC_VIRT_ESCR_VDREQ due the call being hung.

Steps to Replicate:

1. Make a TEAMS to PSTN call.
2. TEAMS holds the call (MOH).
3. TEAMS disconnects the call during MOH.

Platform/Feature: SBC

Portfix SBX-94562: The ASAN has a heap-buffer-overflow in the SipSgACDMNaptQualTblAddEntry.

Impact: There was a Heap Buffer Overflow in the function SipSgACDMNaptQualTblAddEntry().

Root Cause: The Memcpy is being used instead of StrnCpyZ().

Steps to Replicate: Run the PCR 5637 regression on an ASAN Build.

Platform/Feature: SBC

Portfix SBX-94402: The SBC was not throwing a parse error in TLS if the content-length is not sent in a PRACK message.

Impact: The SBC is not throwing a parse error when the content-length Header is not sent in PRACK request using the TLS transport.

Root Cause: Similar code is present in the TCP Transport but not in the TLS-TCP transport.

Steps to Replicate: 

1. Make a TLS call with the 100rel enabled.
2. Send PRACK without content-length header for 18x.

Platform/Feature: SBC

Portfix SBX-94403: Unable to establish the same number of sessions after the switchover.

Impact: Calls were getting cleared under load conditions after a switchover in the first gateway in a GW-GW setup.

Root Cause: When the sessionKeepAlive is set and when the SBC switched over, the SBC starts sending refresh INVITEs to the endpoints. Since this is a GW-GW setup, a newly active GW-1 will send call processing messages to the GW-2. There was an issue in call processing at GW-2 that resulted in call failures.

Steps to Replicate:

1. Create a SBC GW-GW setup and enable the sessionKeepAlive,
2. Establish a call load of more than 25K and once call is stable, perform a switchover at the GW-1.
3. Calls now start failing.

Platform/Feature: SBC

Portfix SBX-94389: When call transferring to the PSTN, the SBC was sending RTP/AVP instead of RTP/SAVP towards Teams in the ReINVITE.

Impact: The SBC was sending a Re-INVITE towards Teams with m= line protocol as RTP/AVP instead of RTP/SAVP. Because of this, Teams is sending a 488 call was failed.

Root Cause: After an abort_ann_tone event, the CC was not moving to cutthru mode.

Steps to Replicate:

1. The 'Announcement based tones' flag is enabled.
2. Make a call from the PSTN - Teams n/w.
3. After a call connect, a Teams user transfers the call to another Teams user, and the call will succeed.

Platform/Feature: SBC

The Scm Process coredumps when there is NO ROUTE from the PSX = 0.

Impact: The Scm process coredumps when there is a call clearing with "no route found" from the PSX/ERE.

Root Cause: There was a bug in the call disconnect handler that resulted in the Scm crash for a non-configured number.

Steps to Replicate: Run a basic SIP call with a non-configured number and the Scm Process must not crash while handling the disconnect.

Platform/Feature: SBC: Application

The early media PEM has a behavior issue if there is no PEM in 18x.

Impact: When the egress TG early media method is P Early Media and the P Early Media header is not received, the SBC does not send media to the ingress caller.

Root Cause: The audio data path mode is set to inactive for the PEM structure.

Steps to Replicate: 

1. PEM Header transparency is enabled and the egress TG configuration is listed below:

set addressContext default zone IPX_SIGNALING_VOLTE sipTrunkGroup 1009074301 media earlyMedia method pEarlyMedia
set addressContext default zone IPX_SIGNALING_VOLTE sipTrunkGroup 1009074301 media earlyMedia egressSupport enabled
set addressContext default zone IPX_SIGNALING_VOLTE sipTrunkGroup 1009074301 media earlyMedia defaultGatingMethod sendrecv
set addressContext default zone IPX_SIGNALING_VOLTE sipTrunkGroup 1009074301 media earlyMedia forkingBehaviour firstProvResponse

Call Flow: The 183 Session Progress from the egress contains SDP and no PEM header.
Issue: The SBC does not send media from egress to ingress and the caller receives dead air.

Platform/Feature: SBC

Portfix SBX-94324: In the SBC to GW to SBC scenario, the first SBC coredumps when the ingress invite contains four identity headers.

Impact: Making a GW-GW call that contains multiple identity headers will cause a crash.

Root Cause: There was a validation code to check that the internal CPC structures that carries the identity header information was correctly padded to a 4 byte alignment. This validation code was correct for one identity header but failed when more than one was present and as a result, triggered the system to crash.

Steps to Replicate: Send in an INVITE that contains two identity headers of type SHAKEN and route the call over a GW-GW connection to a second SBC.

Platform/Feature: SBC

Portfix SBX-98356: There was a SEGV on an unknown address 0x0000000000e5 (pc 0x5653a715fdde bp 0x7f84a52bfea0 sp 0x7f84a52bfe70 T9).

Impact: After a successful surrogate registration, if any configuration related to the IP Peers/TGs/Surrogate registration is deleted, the Scm Process will coredump.

Root Cause: The code was dereferencing a null pointer when the trunk group configuration data was no longer present and the surrogate registration response came back.

Steps to Replicate: Trigger the SBC to send out surrogate registration request and delete all the associated trunk group configurations before sending back a response from the remote server.

Platform/Feature: SBC

The trunks data cannot be displayed on the live monitor.

Impact: The Zone and Trunk Group based live monitor charts does not show any data if the trunk group name contains hyphen.

Root Cause: The Elastic Search interprets 'hypen' as a delimiter and as a result, the string is broken down into tokens for indexing. When a query is put in the ElasticSearch for data with trunkgroup name containing 'hyphen', no data is retrieved as the Elastic Search has stored the data not with the actual trunkgroup name but with tokens

Steps to Replicate: 

1. Create a trunkgroup with name containing hyphen.
2. Enable the Live Monitor.
3. Run Calls and wait for sometime.
4. Verify data is shown in Zone and Trunk Group based charts.

Platform/Feature: SBC

The ipRecMetadataProfile does not work for the request-uri in the V07.02.02.

Impact: INVITE SIPREC or SIPREC INVITE may not have a request-uri beta or core.

Root Cause: The logical error that access the wrong data structure.

Steps to Replicate: Configure the metadataProfile with a request-uri and enable the SIPREC on ingress.

Platform/Feature: SBC

The MAINTAIN ONLY CDR .ACT file extension during atomic write process was not utilizing the .TMP.

Impact: When the CDR files are copied to the remote server, the file is copied with a temporary extension .TMP. For some installations, the software running on the remote server moves those files with the .TMP extension before the SBC software renames them with an .ACT extension.

Root Cause: A temporary extension is used during the time files are copied to the remote server.

Steps to Replicate: Perform the following step:

1. Unhide debug
2. Set OAM accounting cdrServer admin primary useFilePostfix disable
3. Transfer a large file.

Note that the file that is being uploaded to the remote server has an ACT extension while it is being transferred.

Platform/Feature: SBC

A new option is added to fix the issue:

1. Unhide debug
2. Set oam accounting cdrServer admin primary useFilePostfix disable

By default, the useFilePostfix is set to enabled.

When set to disable, a temporary extension is not used when copying the file to the remote server.

The SBC application restarted twice.

Impact: The SCM cored due to a segmentation fault.

Root Cause: The SCM hit a segmentation fault due to an attempt to dereference a NULL pointer.

Steps to Replicate: The steps cannot be reproduced.

Platform/Feature: SBC

The PrsP cored on both the active and standby nodes at the same time.

Impact: The PRS process cored due to accessing a non accessible memory location while processing the MONSEC response from NP.

Root Cause: Based on the core analysis, the core dump was caused by an invalid MONSEC response from NP. There were many read media stats commands sent to NP at the same time with the MONSEC request. The response that was processing appeared like a valid PNPS_NP_RSP_RD_MEDIA_FLOW_STR response.Due to this observation, there may be some timing issue that sent media flow stat response to MONSEC.

Steps to Replicate: The steps cannot be reproduced.

Platform/Feature: SBC

The SBC adds a media IP address in the outgoing SDP although the call is a direct media call.

Impact: When a direct media is enabled when handling the re-INVITE from ingress endpoint without a SDP change, the SBC sends a 200OK answer to ingress with the SBC's own media IP address. This causes a one way audio issue.

Root Cause: When the direct media is enabled, while handling a re-INVITE relay transaction, the SBC does not update the SIPStack SDP correctly.

Steps to Replicate: 

Configure for Direct media and enable the e2e Re-Invite.

1. Send an Invite from A to B.

   
   

2. B sends a re-Invite to A.

   
   

3. A sends a re-Invite to B with SDP of 200 OK that is sent for previous re-Invite

Platform/Feature: SBC

All call registrations were failing on the SJ SBC7K.

Impact: RFC-5626 PING/PONG traffic may cause severe CPU utilization issues in the SBC.

Root Cause: RFC-5626 PING/PONG traffic was sent from the SAM process to the SCM process and back.

Steps to Replicate: Send a lot of RFC-5626 PING/PONG traffic.

Platform/Feature: SBC: Call Control

Investigate a PATHCHECK Process coredump.

Impact: The Pathcheck process may coredump (due to healthcheck timeout) when the zone tracerouteSigPort is enabled, and when the traceroute takes longer than 45 seconds to complete (after the endpoint becomes BLACKLISTED).

Root Cause: The Pathcheck process coredumps due to a healthcheck timeout when the traceroute to the BLACkLISTED endpoint takes longer that 45 seconds to complete.

Steps to Replicate: Enable the zone tracerouteSigPort, and configure an ipPeer in that zone that will become BLACKLISTED, and the traceroute to that ipPeer takes minutes to complete.

Platform/Feature: SBC

A double SCM core resulted in an outage.

Impact: A double SCM core resulted in an outage.

Root Cause: While building the outgoing IAD message, there might be a case where the null values for a request message result in incomplete From and To headers, and cause a crash as a result.

Steps to Replicate: The steps cannot be reproduced.

Platform/Feature: SBC

The STI and Privacy interactions are incorrect.

Impact: When the STIR/SHAKEN is enabled, a default privacy behavior was not given preference when the Privacy header is present in the ingress INVITE as follows:

1. The STIR/SHAKEN is generating PAI/Privacy:id headers for all services when the PSX IPSP, SIP HTP, or PrivacyProfile->passThruPrivacyInfo is not configured to send the PAI header out. “Add verstat to PAI” flag is set, the SBC was generating the PAI/Privacy: id to add the verstat to PAI when no PSX IPSP, SIP HTP, or PrivacyProfile->passThruPrivacyInfo is configured to send the PAI header out.
2. The PrivacyParamRestricted configuration must have preference over STI service. The PrivacyParamRestricted->default must anonymize the From and Contact headers when Privacy: user,id,header,or uri is present in the ingress INVITE even when STI is enabled.
3. The PrivacyProfile configuration should be given preference over STI, when a privacy profile is configured to “applyPrivacyId/supportPrivacyId” and STI should not generate PAI/Privacy: id for any service.
4. The STIR/SHAKEN is removing the “Privacy: User” header from the egress signal after anonymizing From and Contact header, when the IPSP Privacy->Transparency is enabled and Privacy: User header is present in the ingress INVITE.
5. Anonymization format should be based on Privacy->Privacy Information and variantType.

Root Cause: 

1. After the verification service, the verstat should either be added to the PAI or the From header. The “Add verstat to PAI” needs enhancement to enable adding the verstat to From if the PAI is not present in the egress signal.
2. The PrivacyParamRestricted->default behavior anonymizes the From and Contact headers when Privacy: user, id, header, or uri is present in the ingress INVITE. The STI was not giving preference to PrivacyParamRestricted->default anonymization behavior for the privacy: id.
3. The PrivacyProfile configuration was not given preference when the “applyPrivacyId/supportPrivacyId” is enabled, and the STI was generating PAI/Privacy: id headers.
4. The SBC will not remove privacy: user after just anonymizing the From and Contact header and let the downstream switch(es) perform further anonymization.
5. A preference was not given to Privacy information and variantType while determining the anonymization format.

Steps to Replicate: Configuration:

1. Configure the STI profile on the SBC and attach the profile on to both the ingress and egress TG.
2. Configure the STI profile for Signing/Tagging/Verification service on the PSX.

Observations:

1. When no PSX IPSP->Privacy, SIP HTP, or PrivacyProfile->passThruPrivacyInfo configuration is enabled and the From is anonymized in the egress INVITE, PAI/Privacy header is generated.
2. The Ingress TG->Signalling->PrivacyParamRestricted->default is configured. Observed that “From” and contact headers are not anonymized, if the privacy: id is present in the ingress INVITE.
3. When no PSX IPSP->Privacy, SIP HTP, or PrivacyProfile->passThruPrivacyInfo configuration is enabled and privacyProfile configuration is:
   • The PrivacyProfile is configured with the “applyPrivacyId” flag enabled. The PAI/Privacy header is generated when the Privacy: id is present in the ingress INVITE.
   • The PrivacyProfile is configured with the “supportPrivacyId” flag enabled. The PAI/Privacy header is generated.
   (Note: The PrivacyProfile behaviour without any STIR/SHAKEN interactions. When PrivacyProfile is configured to “applyPrivacyId” and attached to the ingress TG or when the “supportPrivacyId” is configured in egress TG, the SBC will remove PAI headers from egress INVITE when the Privacy:id header is received in the invite. When the privacyProfile with the “supportPrivacyId” is configured in the egress TG, the SBC will remove PAI headers from egress INVITE, irrespective of the Privacy header.)
4. The “Privacy: User” header is not present in the egress signal, when the IPSP Privacy->Transparency, SIP HTP or PrivacyProfile->passThruPrivacyInfo is enabled and the Privacy: User header is present in the ingress INVITE.
5. The From and contact headers has “Anonymous@Anonymous.invalid” as opposed to "Anonymous” <sip:Restricted>. If the privacy: user header is present in the INVITE and when IPSP->Privacy->Privacy Information is P-Preferred-Id or Remote-Info Party.

Platform/Feature: SBC

1. The STIR/SHAKEN does not generate the PAI/Privacy: id headers for any services when no control is set to send the PAI headers out(no PSX IPSP, SIP HTP or PrivacyProfile->passThruPrivacyInfo configured), one of the mentioned control must be set for the PAI header to go out. The “Add verstat to PAI” Flag is changed to the “Prefer PAI”, to enable sending verstat in From if PAI is not present in the egress INVITE.
2. The PrivacyParamRestricted->default anonymizes the From and Contact headers when the Privacy: user,id,header,or uri is present in the ingress INVITE. The PrivacyParamRestricted->default anonymization behaviour for privacy: id is retained even when the STI is enabled.
3. The PrivacyProfile is given preference over the STI service.
4. The SBC is not removing the “Privacy: User” header after anonymizing the From and Contact header as part of STIR/SHAKEN service, when the IPSP Privacy->Transparency is enabled and Privacy: User header is present in the ingress INVITE. This enables the downstream switch(es) to perform further anonymization.
5. The format of anonymized From and Contact headers when IPSP->Privacy->Privacy Information is P-Preferred-Id or Remote-Party-ID is retained even when the STI profile is enabled. The example below is for variantType,

Portfix SBX-94513: The Antitrombone will not have a kickstart but undesired pattern "PCR7400 Direct Media Antitrombone Call" is found in the dbg.

Impact: For a direct media call using X-dmi, the SBC is not preferring X-dmi over anti trombone direct media. This could cause one way or two way audio issue.

Root Cause: The SBC selects the Antitrombone direct media instead of X-dmi.

Steps to Replicate: 

1. Run a basic XDMI DM call
2. Run a basic DM with NAT call with XDMI
3. Run a basic Antitrombone call with XDMI enabled

Platform/Feature: SBC

Portfix SBX-96951: Unable to write to the CDR in the ATTEMPT record due to 3xx.

Impact: Run a redirect scenario and write a SMM CDR operation on the 302 message. The CDR information is not populated in the attempt record.

Root Cause: The CDR information is not being updated to CC in this scenario.

Steps to Replicate: 

1. Run a Redirect Scenario.
2. Write a SMM CDR operation on the 302 message.

Platform/Feature: SBC

Portfix SBX-93764: The CAC handling is not working with the REFER and INVITE with replaces to 7.2.x.

Impact: In MS Teams call flows, they support music on hold service by default. The “on hold” feature was implemented by sending a REFER to the SBC so that the SBC then generates an INVITE out to the MS Teams music server and the B-leg is then released. The "off hold" feature was added to have the MS Teams phone replace the music on hold server call leg. Customer's are running with the CAC enabled in the lab and have call limit set to 10. Every time the SBC gets an INVITE with replaces, it reduces the CAC count on the ingress trunk group and then eventually fails.

Root Cause: The issue is that the Trunk Group and the Zone CAC are being performed for call pickup. Since CAC has already been performed for a call that is being picked up, a double count occurs that causes incorrect CAC failures.

Steps to Replicate: The steps cannot be reproduced.

Platform/Feature: SBC

A security patch drift for 7.2.4.

Impact: There are Nessus scan vulnerabilities.

Root Cause: There are Nessus scan vulnerabilities.

Steps to Replicate: Run a Nessus scan.

Platform/Feature: SBC

Portfix SBX-87180: Enable to trace with the TRC file SIP message outside the call, such as REGISTER and SUBSCRIBE.

Impact: Trace logs were not coming in the case of OOD when the trace level is set to 1 and the key is ipPeer

Root Cause: The current code does not send the TRC logs for OOD when the level is set to 1, and this option enabled now for OOD.

Steps to Replicate: Pre-Configuration:

-------------------------
admin@ELEANORSBX% show global callTrace | details
errorFilter {
errorType any;
}
maxTriggerCount 10;
callTraceTimer 111;
callFilter Naga {
state enabled;
level level1;
key peerIpAddress;
stopMatch unsupported;
match {
called "";
calling "";
contractor "";
redirecting "";
transferCapability unrestricted;
trunkGroup "";
peerIpAddress 10.54.81.11;
cddn "";
}
mediaPacketCapture disable;
}
signalingPacketCapture {
signalingPacketCaptureTimer 180;
state disable;
}
[ok][2019-04-19 14:44:24]

[edit]

In the configuration above, traces for all methods will be captured,

Platform/Feature: SBC

The heap-use-after-free in the DnsClientTcpMonitorDnsServerTimeout.

Impact: When using the DNS over the TCP, if there was a failure in reading from the TCP socket, the timeout processing was invoked for the outstanding DNS query and it was reading memory that has already been freed up.

Root Cause: This is an edge case error processing scenario where the pointers were being passed around internally and did not get updated to be null when the memory was freed.

Steps to Replicate: Issue was analysed based on a coredump and code review. The exact call scenario that caused the issue is unknown.

Platform/Feature: SBC

Portfix SBX-94486: The SBC was not releasing the other leg when call was disconnected during hold( MOH enabled).

Impact: The SBC is not releasing the other leg when call is disconnected during hold( MOH enabled).

Root Cause: This is a race condition in CC where the handler for the event ASG_DISC_CMD is not present for the CC state CC_VIRT_ESCR_VDREQ and as a result, the call is hung.

Steps to Replicate: 

1. Make a TEAMS to PSTN call.
2. The TEAMS holds the call (MOH).
3. The TEAMS disconnect the call during MOH.

Platform/Feature: SBC

The CE_Node2 log fill up disk space causing a switch over.

Impact: The SYS ERRs from the CpcGenericCodecIsRfc3389Applicable() were filling up the SYS log and CE_logs quickly.

Root Cause: Based on the analysis of genCodecData in SCM core file and source code inspection, a bug was found in CpcGenCodecCriterionMatch() that could return an unpredictable value when all attributes are invalid in a specified criterion. In the SCM core, call control blocks were found in the SIPSG with the GSM audio encoding that has all attributes set to invalid in the criterion.

Steps to Replicate: The steps cannot be reproduced.

Platform/Feature: SBC

The SBC drops a request from egress to a registered user.

Impact: Non-Invite messages may drop if received immediately after a registration/Subscribe from the AS.

Root Cause: When a request was sent out to the server, internally, it creates a control block for handling the response. When a Peer sends a request back with the same callId, the SBC found the control block that is wrong and causing the SBC to drop.

Steps to Replicate: A register an to B, and the B send message back the SBC.

Platform/Feature: SBC

A SIP-I Issue with HOLD for the SIP-I to SIP call.

Impact: The SIP-I body is not being sent out in a re-INVITE for HOLD.

Root Cause: The SIP subsystem is making a dip into the ISUP stack with wrong even type, that's why ISUP stack is not returning SIP-I body to be sent with.

Steps to Replicate: It is a complex scenario that is run into this situation when the re-INVITE for HOLD is to be sent out. It requires multiple offer/answers before the call is setup to end up in this situation. 

Platform/Feature: SBC: SIP Applications

If flag is set for PROGRESS and MID_CALL_INFO, the precedence is set to send the event as PROGRESS for dipping into the ISUP stack for ISUP body.

Portfix SBX-95851: The LeakSanitizer detected memory leaks in the DiamCsvAddPeer.

Impact: Unable to resolve the SRV fqdn for a diameter peer. Without this fix, the diameter connection cannot be established towards the diameter peer.

Root Cause: The wrong domain name is attached to diameter peer when a peer is created with the SRV domain fqdn internally in code.

Steps to Replicate: Create a  diameter peer with SRV fqdn.

Platform/Feature: SBC

Portfix SBX-94619: The intel microcode bundle is not the latest version.

Impact: There are vulnerabilities in hardware.

Root Cause: The CPU microcode is outdated.

Steps to Replicate: Run the Spectra-melt-down script on a host and check vulnerabilities.

Platform/Feature: SBC

Observing the CLI port SWO in the M-SBC is causing the MGMT link to go down.

Impact: On the CLI port, a switchover on packet interface has random connectivity loss for few seconds on other interfaces.

Root Cause: A bug in SWe_NP code was picking the incorrect NIF control blocks for standby ports causing intermittent signalling packet loss and a loss of ICMP packets resulting in connectivity failures. This happens specifically on high call loads, when workers are at 80% capacity.

Steps to Replicate:

1. Bring up setup with port redundancy and perform multiple CLI switch over.
2. Observe the link status of various ports.

Platform/Feature: SBC

The EMA receives a Proxy error whenever an operation takes a long time to complete.

Impact: When the user navigates to a SIP trunk group or DM PM rule creation screen, there is no response from the UI and after approximately a 2 minute interval, "Proxy error" is shown to the user.

Root Cause: The EMA reads the DM PM Rule, DM PM Sub Rule and DM PM Criteria data from the CDB through the Netconf interface. With a large amount of data, there is a significant delay in rendering the UI. The request from the browser times out, resulting in a Proxy Error to the user.

Steps to Replicate:

1. Configure more than 25,000 DM PM Criterias and more than 25,000 DM PM Rules.
2. Navigate to a SiP Trunk Group Creation Screen or DM PM Rule creation screen.
3. The create screen does not load and after some time results in Proxy error.

Platform/Feature: SBC

Instead of a CDB, the EMA reads the data for DM PM Rule, DM PM Sub Rule and DM PM Criteria directly from the Oracle Database, reducing the delay to a larger extent in rendering the UI.

When the Copy Trunk Group operation is performed, it can take up to 3 minutes to complete the copy operations. The 3 minute delay is due to the EMA performing some additional operation compared to new TG creation.

Portfix SBX-91481: The SamP cored. (Originated in release 6.2.4)

Impact: Under certain conditions, the SBC sends out a duplicate OPEN_ACK, causing the receiving GW to crash.

Root Cause: A bug in the GW Signaling code can cause a duplicate OPEN_ACKS to send when GW Signaling Links are bouncing.

Steps to Replicate: This problem is not reproducible.

Platform/Feature: SBC

Portfix SBX-87861: While performing a port switchover, the SBC active performed a reboot and the Standby did not takeover the calls. (Originated in release 8.1.0)

Impact: An SWe_NP thread hang was observed on a packet port pull out.

Root Cause: A cable pull was calling a reset on an interface that may take more than 5s on a thread health check threshold, causing the thread to lock on reset.

Steps to Replicate:

1. Bring up setup in port redundancy setup.
2. Cable pull packet interface to trigger port switchover.

Platform/Feature: SBC

Failover from Node-A to Node-B.

Impact: Healthcheck failure while switching from nodeA to nodeB.

Root Cause: Functions that configure the DRBD subsystem are taking longer and causing a health check timeout.

Steps to Replicate: Switchover from Active to standby.

Platform/Feature: SBC

The ipPeerCurrentStatistics and ipPeerIntervalStatistics are not working.

Impact: Getting the IP peer current statistics for individual IP peers was not working. The issue is reproduced when multiple IP peers are configured under the same zone.

Root Cause: Multiple IP Peers must be configured under same zone to reproduce this issue. When obtaining specific peer statistics, the peer name comparison within the same zone was missing.

Steps to Replicate: Configure multiple IP Peers under the same zone and then execute the command to obtain IP Peer Current/Interval statistics for a specific peer.

Platform/Feature: SBC

Portfix SBX-90947: The NP process core dumped while running a load on the HA setup.

Impact: A random SWe_NP crash occurs on a standby node while running a transcoded load.

Root Cause: RTCP resources are not managed properly by application layer on standby node. This causes a restart of already running timers on the SWe that causes a race and random crash.

Steps to Replicate:

1. Run a large number of transcoded calls, on HA pair.
2. Perform multiple swtichovers of SWE_NP coredump will be observed on standby node.

Platform/Feature: SBC

The SIP calls drop with vertical service code *65 after a minute.

Impact: The SBC is not able to send ACK to the Egress for call to connect.

Root Cause: A logical error when combined with multi features (e2eAck, e2eReInvite, and DLRBT).

Steps to Replicate:

1. Configure the e2e Ack, e2e reInvite, and DLRBT.
2. Egress response 183(sendrecv), 183(onhold), 180(no SDP), 200OK(sendrecv).
3. Peer change the SDP in 18x/2xx response causing internal offer/answer.
4. Ingress peer sends the reInvite right after ACK, causing internal state not able to send ACK out.

Platform/Feature: SBC

The SBC failed over DEADLOCK detected and a ScmP core was generated as a result.

Impact: Access the NULL pointer in NRMA when deleting a tone profile.

Root Cause: The given targets name does not exist.

Steps to Replicate: Use CLI command to delete the non-existing announcement tone profile.

Platform/Feature: SBC

The SCMP coredump was related to ARS.

Impact: The SCM process may core dump when the SIP signaling port is out of service, and if calls are in progress and a SIP transaction timeout occurs.

Root Cause: If the SIP signaling port is out of service, and if calls are in progress and a SIP transaction timeout occurs.

Steps to Replicate: The steps cannot be replicated.

Platform/Feature: SBC

Observed "SamProcess" core dump on an active box while running SIP-GW (cyclic) calls.

Impact: The SBC may core if the GW Signaling Port configuration is disabled while GW Signaling Link is up.

Root Cause: The core is caused by an attempted NULL pointer access.

Steps to Replicate: Disable the GW Sig Port while GW Sig Link is up.

Platform/Feature: SBC

When running the 7.2.1R2 release, the SBC is responding with 'a=inactive' instead of 'a=sendrecv' in a 200OK SDP to late media re-invite, causing no audio.

Impact: It was not RFC compliant to send a=inactive to the late media re-INVITE after peer put the SBC on hold.

Root Cause: A missing requirement.

Steps to Replicate:

Step 1: Generate SIP scripts for a call flow.
Step 2: Setup 7.2.1 system without a fix.
Step 3: Run the call flow to see that the problem is observed.

Platform/Feature: SBC

A possible memory leak in the Sam process.

Impact: The SAM process will leak memory in the case where a De-REGISTER is received and then within less than 30 seconds, another REGISTER in the same AOR is received. This will only happen if multiple contacts in the AOR flag is disabled.

Root Cause: The code does not free certain memory blocks.

Steps to Replicate:

1. Multiple contacts per AOR flag will be disabled
2. Do a Register for particular AOR and do a de-register.
3. Within less than 30 secs, re-send the registration for same AOR so that SIPFE selects the same preferred slot which was used for registering the same AOR earlier. By registering multiple users with same time period, leak will be reproduced.

Platform/Feature: SBC

Observing a box reboot while the application is coming up as standby after a port-failure.

Impact: After a node switchover, the standby node may reboot while the application is coming up.

Root Cause: During a node switchover, when application comes up on standby node, the health monitoring for worker thread fails because of an incorrect evaluation of CPU cycles spent by the thread. A failure to health monitoring causes the standby node to reboot.

Steps to Replicate:

Execute node switchover with the following steps:
1) Bringing down all active ports.
2) Applying the appropriate CLI command.
3) Fail the application on the active node.

Platform/Feature: SBC

Portfix SBX-93469: The DFW1-CASBC-02 Box A had a SCMP coredump. (Originated in release 7.2.3)

Impact: The SBC cored when accessing Box A, switching over to Box B instead.

Root Cause: Enabling the SDP transparency and the directMediaAllow to show a simple 18x response from the peer may cause a core dump due to access from an invalid address.

Steps to Replicate: Disable either the SDP transparency or the directMediaAllow.

Platform/Feature: SBC

The SBC is releasing the call with 504 when the DLRB and Downstream Forking are enabled.

Impact: The SBC releasing the call with 504 when the DLRB and Downstream Forking are enabled.

Root Cause: The race condition is not handled properly. When first 180 message without SDP is received, the forking list and stored the message were updated. The second time the 180 message with SDP was received, the forking list and stored the 180 message were updated, but since RTP learning was applied earlier, it was not replicated again.

Steps to Replicate: Send the RTP before sending the 180 Ringing (CSeq: 961529 INVITE RSeq: 629928).

Platform/Feature: SBC

The WALL Signaling PSBC10A01 cored.

Impact: When the MRF Modify is received, the MRFRM fsm state must be OA_ACTIVE. But in this issue, the state is leading to incorrect typecasting.

Root Cause: The defensive was checked.

Steps to Replicate: Run the MRF load.

Platform/Feature: SBC

The SBC Memory has High alerts.

Impact: When the Local Ring back tone is configured on the SBC and egress endpoint sends a 183 Session Progress with SDP followed by a 180 Ringing, the ScmProcess does not free up memory allocated even after call is completed. Without a fix, the ScmProcess will leak memory.

Root Cause: When the Local Ring back tone is configured on the SBC and egress endpoint sends a 183 Session Progress with SDP followed by a 180 Ringing, the ScmProcess does not free up memory allocated even after call is completed.

Steps to Replicate: Run a call load with the Local Ring back tone configured and monitor the virtual memory usage of the ScmProcess.

With a fix, the virtual memory of ScmProcess must not be high after all calls have been disconnected.

Platform/Feature: SBC

SBCv6 Unexpected 183 (CPG) sending - out of PER6608 spec.

Impact: Early cut through may not work for trusted configured RTP Servers on system restart.

Root Cause: The system restores the SIP service group data before the RTP Server data which is incorrect.

Steps to Replicate:

Provisioned the rtpServerTable (OLIVER_RTP_SRV_TBL), and associated it which the egress sipTrunkGroup SBXSUS9_LABSIP2
(as shown below):

admin@sbxsus9> show configuration details addressContext default rtpServerTable OLIVER_RTP_SRV_TBL
rtpServer 10.8.20.75 32;

admin@sbxsus9> show configuration details addressContext default zone ZONE4 sipTrunkGroup SBXSUS9_LABSIP2 media earlyMedia
method rtpServerTable;
rtpServerTableName OLIVER_RTP_SRV_TBL;
forkingBehaviour lastReceivedSdp;

Platform/Feature: SBC

Outbound call Failing with 488.

Impact: Transcode call, after 40 onhold/offhold, call fail.

Root Cause: Internal process Nrma TransactionId did not reset properly after wraparound (12 bits limit). As resulted, it is sending the same transactionId for allocating DRM resources for both Ingress and Egress legs.

DRM reject due to duplicated transactionId.

Steps to Replicate: sip-sip call with transcoding. Call fail after 40 onhold/offhold.

Platform/Feature: SBC

The P-SBC Openstack installation fails with an OAM node and core dumps.

Impact: Upgrade fails if any of the SNMP trap targets are 32 characters in length.

Root Cause: Right sized buffer was allocated to fetch data from the database but passed incorrect length field to database API. In the case where the field being fetched has max allowed length, the API fails because the API verifies that there is not enough room to terminate the field with NULL.

Steps to Replicate:

1. Create SNMP trap target of 32 character long.
2. Attempt to upgrade.
3. The upgrade will fail.
4. Perform upgrade with the fix, and the upgrade will succeed.

Platform/Feature: SBC

CS04A01 lost communication with the CM04A04. Post-recovery, other M-SBCs cannot talk to the CM04A04.

Impact: The IPv6 address becomes unreachable in standby port cable pull scenarios.

Root Cause: The SWe code was not handling saving the multicast mac address list and re-applying it on the hardware port during a link up/down event for standby ports.

Steps to Replicate:

1. Bring down any standby port by cable pull on host.
2. Configure a new IPv6 address on that PKT port.
3. Re-insert the cable for same standby port.
4. Do a port switchover by plugging out active physical port's cable so that the standby becomes active for same port.
5. Ping the new configured IP from in step 2 from outside. The ping will result in a failure.

Platform/Feature: SBC

Portfix SBX-94115: The I/O scheduler was incorrectly configured after upgrade.

Impact: Kernel scheduling issues are causing intermittent issues, including lost pings across the HA interface. The lost pings induce a split brain and subsequent split brain recovery. Transient calls are lost during the split brain and recovery, and depending on call flow, stable calls may be lost as well.

Root Cause: The I/O scheduler is being reverted from 'deadline' to 'noop' due the upgrade due to a bug in the upgrade script.

Steps to Replicate: After upgrade to 6.2.x or 7.x, verify the scheduler with the following command:

cat /sys/block/sda/queue/scheduler

The output must show brackets around deadline to indicate it is in use, for example:

[root@SBX24-154a log]# cat /sys/block/sda/queue/scheduler
noop [deadline] cfq

Platform/Feature: SBC

There is a core dump during an A to B tandem call in (GSX)SIP-gw-gw-SIP(SBX) when the egress IP Signaling Profile is not configured.

Impact: The GSX-SIP-Gw-Gw-SIP-SBX has a core dump in the SBC if the egress Signaling Profile is not attached.

Root Cause: The issue was found by providing a fix to another issue, not through attempting a call with no egress signaling profile attached.

Steps to Replicate: Make an A to B call using the GSX-SIP-Gw-Gw-SIP-SBX and on the egress TG in the PSX. Do not attach the egress Signaling Profile. These steps will result in a core dump.

Platform/Feature: SBC

Portfix SBX-93799: A SCM process coredump was observed when the sipParamFilterProfile is configured.

Impact: This issue is a result of a bug in a previous release (Configuring multiple JJ9030 profiles in a single commit does not work) fix.

Root Cause: Reading the Profile XML tag from the confd when the confd iterator is not pointed to a profile.

Steps to Replicate:

Configure the sipParamFilterProfile as shown below:
1. Set the profiles services sipParamFilterProfile as a Test sipHeader to require action passthru all.
2. The SBC will generate SYS_ERROR when the confd iterator is not pointed to the profile.

Platform/Feature: SBC

Support of Identity headers with multiple values.

Platform/Feature: SBC

Impact: The SBC supports standalone multiple Identity headers but does not support single Identity headers with multiple values, each comma separated. 

Workaround: Use the SMM to separate out the comma separated list into individual standalone Identity headers.

SBX-94948

On attaching dnsGroup to zone, the SBC failed to link dnsGroup Id with all the TGs of the corresponding zone.

Platform/Feature: SBC

Impact: The SBC uses an incorrect DNS group to resolve the FQDN associated with diameter peer.

Workaround:

1. After setting the dnsGroup configuration, perform a manual switchover (so during an application restart and all configuration restored properly).
2. The dnsGroup has to be attached to zone before creating TGs under this zone. When a new TG is created under the zone, it will read as a configured dnsGroup id.

Impact: Interception of LI calls fail during upgrade (for instance, when the setup has S-SBC and the M-SBC running on different versions). The impact is only for in-service upgrade. No impact with respect to LI calls, when the VNF is brought down and re-created for upgrade..

Workaround: No workaround available.

Impact: In the rare case where a PRACK for 18x is dropped and the call eventually fails, a small leak of SCM memory can occur.

Workaround: No workaround available.

When a headend cluster configuration is pushed, the Standby SBC reboots and hangs without getting the Configuration.

When a Standby SBC is rebooted, it transitions to registered online then later unregistered offline. This also happens in #1, Standby reboot after Configuration is pushed.

Platform/Feature: SBC Core: EMA

Impact: When a headend cluster configuration is pushed, Standby SBC fails to download the configuration and so fails to come up properly.

Workaround: To resolve the above issue, the fill rate and bucket size needs to be increased in lca.py script and the Standby SBC system needs to be rebooted so that it can download the configuration again.

CallMedia and CallDetailstatus do not show in the EMA during the load run.

Platform/Feature: SBC Core: EMA

Impact: Call details Status and Call Media Status are intermittently not visible in the EMA.

Workaround: Call details status and Call Media status can be viewed from CLI.

Impact: Under load with 30,000 simultaneous NP tones playing M-SBC switches over. M-SBC system confirmed to perform fine up to 28,000 simultaneous NP tones.

Workaround: No workaround available.

SBX-86003

Impact: The peer may reject the call.

Workaround: No workaround available.

The SBC did not like the <4K size INVITE PDU since the maxPduSizeValue = 6K.

Platform/Feature: SBC

Impact: A PDU of a size less than 6K is rejected with 400 Bad Request, when maxPduSizeValue is set to 6K.

Workaround: Increase the maxPduSizeValue to 15k.

An LSWU Upgrade from 7.0 to 7.1 failed.

Platform/Feature: SBC 5000/7000 Series: Application

Impact: While upgrading from pre-7.1 releases to 7.1 and 7.2 releases, if the SNMP trap targets are setup with <space> in the name field then the upgrade fails. This affects all the platforms (SBC 5xxx/7xxx/SWe).

Workaround: Prior to the upgrade, the user must check and delete/replace any trap targets that are setup with <space> in the name.

Call fail after onhold and offhold.

Platform/Feature: SBC Core: SIP Application

Impact: A call onhold/offhold before being connected by Update may fail.

Workaround: Enable E2E Update.

A race condition occurs under a 3x load scenario where MRF is configured as FQDN and none of the MRF server responds.

Platform/Feature: SBC: DSBC

Impact: The SCM process may core dump.

Workaround: No workaround available.

Impact:

The RTP monitoring feature will not work for IPv6 terminated peers, and therefore the following behavior will be observed.

1. If The SBC is in tone playing state and expecting media cut through after successful monitoring, the SBC will continue the tone play even though the expected RTP packet count is received, which is discarded by the SBC because of this issue.
2. If the SBC does not have conditions for delayed tone play, is not in tone playing state and is expecting media cut through after successful monitoring, the SBC will discard media packets because of this issue.
3. If the SBC has conditions for delayed tone play, is not in tone playing state, and is expecting media cut through after successful monitoring, the SBC will discard media packets because of this issue and therefore the delayed tone play starts because of the monitoring failure.

Workaround: no workaround for IPv6, but the same feature works for IPv4.

Impact: A PDU of a size less than 6K is rejected with 400 Bad Request, when maxPduSizeValue is set to 6K.

Workaround: Increase the maxPduSizeValue to 15k.

An LSWU Upgrade from 7.0 to 7.1 failed.

Platform/Feature: SBC 5000/7000 Series: Application

Impact: While upgrading from pre-7.1 releases to 7.1 and 7.2 releases, if the SNMP trap targets are setup with <space> in the name field then the upgrade fails. This affects all the platforms (SBC 5xxx/7xxx/SWe).

Workaround: Prior to the upgrade, the user must check and delete/replace any trap targets that are setup with <space> in the name.

SBX-74179

1

Impact: IPv6 with X710 NIC cards in SRIOV mode will not work as multicast packets will be dropped by the PF.

Workaround:

Set the trust mode to "on" for all the VFs on the computes.

ip link set dev <PF name> VF <vf id> trust on

This needs to be done for all computes and all created VFs (this change is not persistent across reboots). This will allow Multicast promiscous mode to work.

Otherwise, add a static neighbor table entry on the remote servers connecting to the SBC using the following command:

ip -6 neigh add <IPv6 address> lladdr <link-layer address> dev <device>

SBX-73218

Platform/Feature: SBC CE: Application

Impact: Virtual ports intermittently stop responding on compute node running on RHOSP 13 (Queens) under certain conditions. Specifically, at 1000 RPS with refresh registration interval at 180 seconds, virtual ports stop responding after reaching 500K registrations. This issue is not seen when the refresh registration interval is configured as 200 seconds and above

Workaround: Use SR-IOV ports only when using RHOSP 13 (Queens) release.

SBX-73943

The SBC does not add all codecs when Update is received with updated SDP from egress and sends 200 OK for Update with all supported codecs towards egress, the SBC is playing tone.

Platform/Feature: SBC Core: Application

Impact: The call signaling and media work properly, but media clipping can occur if the final cut-thru codec received from UAS is different from the codec that is being used for playing tone. 

Workaround: No workaround available.

SBX-74945

Unable to commit pkt and sip-sig config with single commit command. An error message is thrown when the commit command is given.

Platform/Feature: SBC Core: CLI

Impact: Commit cannot be issued in for all set commands until the ipInterfacegroup is committed.

Workaround: Commit should be issued for ipInterfacegroup first and then commit for the remaining set commands can be executed.

SBX-73660

Unable to view TRAPS under Fault Management in Cloud-ISBC (Openstack Nova Platform) in EMS.

Platform/Feature: SBC CE: Application, EMA/EMS

Workaround: Add a static route to EMS from the SBC through management interface.

Memory congestion was observed when executing around 64K calls in the 32GB SWe system.

Platform/Feature: SBC SWe: SIP-Peering

Impact: On a SWe system with 32GB 32vCPU, the SBC is only able to scale up to 60K calls instead of 64K, due to per call memory increase.

Workaround: No workaround available.

Observing 503 response for more time post port SWO in S-SBC.

Platform/Feature: SBC CE: Application

Impact: The load is 1000cps/120K calls. After doing port SWO on S-SBC, SBX rejects calls with a 503 response for 86 seconds. Later SBX again responds with 503 responses for approx 36 seconds. After that, it stabilizes.

Workaround: No workaround available.

The SBC is not able to handle 150 Sa/Sec IPsec load on the Yellowfin Platform.

Platform/Feature: SBC 5000/7000 Series: SIP

Impact: If the rate for IPsec SA setup using IKE is increased beyond 60 SA/s, errors are seen.

Workaround: No workaround available.

SBX-72652

The PSBC observing system is in continuous iRTT congestion during the overload test.

Platform/Feature: SBC CE: Application

Impact: IRTT congestion is observed continuously for the 15 mins duration of 3x overload. There is no congestion during normal 1x load. This is 1000cps/120K in DSBC (PSBC).

Workaround: No workaround available.

The SBC failed to generate Enum lookup after updating the dynamic metaVariable.

Platform/Feature: SBC CE: Application

Impact: Enum lookup fails to generate if the meta variable related to sipSigPort (used for the Enum lookup) is dynamically updated.

Example:

Before updating sipSigPort with new dynamic metaVariable:

admin@vsbc1% show global servers lwresdProfile

lwresdProfile DEFAULT {

    description          DEFAULT;

    enumDomainNameLabel  DEFAULT_ZONE_LABEL;

    enableLwresdLog      disable;

    type                 signalingIp;

    addressContext       default;

    eDnsGlobalBufferSize 4096;

    eDnsMonitorInterval  120;

    zone                 ZONE_ING_V6;

    sipSigPort           3;

    ipInterfaceGroupName LIG_ING_V6;

}

admin@vsbc1% show addressContext default zone ZONE_ING_V6 sipSigPort

sipSigPort 3 {

    ipInterfaceGroupName      LIG_ING_V6;

    portNumber                5060;

    mode                      inService;

    state                     enabled;

    transportProtocolsAllowed sip-udp,sip-tcp;

    ipVarV6                   IF2.IPV6;

}

[root@VSBCSYSTEM-vsbc1 linuxadmin]# lsof -ni:5060

COMMAND     PID       USER   FD   TYPE  DEVICE SIZE/OFF NODE NAME

CE_2N_Com 32059 sonusadmin  110u  IPv6 3716854      0t0  UDP [fd00:10:6b50:5d20::c9]:sip

CE_2N_Com 32059 sonusadmin  111u  IPv6 3716855      0t0  TCP [fd00:10:6b50:5d20::c9]:sip (LISTEN)

CE_2N_Com 32059 sonusadmin  112u  IPv6 3716856      0t0  UDP [fd00:10:6b50:5d20::a9]:sip

CE_2N_Com 32059 sonusadmin  113u  IPv6 3716857      0t0  TCP [fd00:10:6b50:5d20::a9]:sip (LISTEN) 

ENUM query is successful from sipSigport (fd00:10:6b50:5d20::a9)

After updating sipSigport to new dynamic metaVariable:

admin@vsbc1> show table system metaVariableDynamic

CE NAME              NAME     VALUE                 

-----------------------------------------------------

vsbc1-10.34.195.109  lpl_egg  fd00:10:6b50:5d20::c9 

vsbc1-10.34.195.109  lpl_ing  fd00:10:6b50:5d20::c7 

admin@vsbc1% show addressContext default zone ZONE_ING_V6 sipSigPort

sipSigPort 3 {

    ipInterfaceGroupName      LIG_ING_V6;

    portNumber                5060;

    mode                      inService;

    state                     enabled;

    transportProtocolsAllowed sip-udp,sip-tcp;

    ipVarV6                   lpl_ing;

}

[root@VSBCSYSTEM-vsbc1 linuxadmin]# lsof -ni:5060

COMMAND     PID       USER   FD   TYPE  DEVICE SIZE/OFF NODE NAME

CE_2N_Com 32059 sonusadmin  110u  IPv6 3716854      0t0  UDP [fd00:10:6b50:5d20::c9]:sip

CE_2N_Com 32059 sonusadmin  111u  IPv6 3716855      0t0  TCP [fd00:10:6b50:5d20::c9]:sip (LISTEN)

CE_2N_Com 32059 sonusadmin  112u  IPv6 3716856      0t0  UDP [fd00:10:6b50:5d20::c7]:sip

CE_2N_Com 32059 sonusadmin  113u  IPv6 3716857      0t0  TCP [fd00:10:6b50:5d20::c7]:sip (LISTEN)

ENUM query is not picking new sipSigport (fd00:10:6b50:5d20::c7) updated with dynamic metaVariable

Workaround: Do not update the metavvariable associated with a sipSigPort if Enum is being used.

Example:

Don't update the sipSigport to new metaVariable

admin@vsbc1% show addressContext default zone ZONE_ING_V6 sipSigPort

sipsigPort 3 {

    ipInterfaceGroupName      LIG_ING_V6;

    portNumber                5060;

    mode                      inService;

    state                     enabled;

    transportProtocolsAllowed sip-udp,sip-tcp

    ipVarV6                   IF2.IPV6;

}

The SBC VM is failing to join back the cluster post switchover after healing (Recreate_destroy) N:1 MSBC VM.

Platform/Feature: SBC CE: Install/Upgrade(Platform)

Workaround: There is no workaround that is not service impacting.  Do not execute the Recreate_destroy option on a VM that has DHCP enabled.

The IPv6/v4 Interface update with a new dynamic meta Variable is not deleting the old IP address.

Platform/Feature: SBC CE: Application

Impact: The old IP address is not getting deleted when the ipInterfaceGroup is updated with new dynamic meta variable.

Example:

Before updating ipInterfaceGroup with dynamic metaVariable:

admin@vsbc1> show table system metaVariable | match IF2.IPV6

vsbc1-10.34.195.109  IF2.IPV6      fd00:10:6b50:5d20::a9 

admin@vsbc1% show addressContext default ipInterfaceGroup LIG_ING_V6

ipInterface PKT_ING_V6 {

    ceName      SSBCACTIVE;

    portName    pkt0;

    mode        inService;

    state       enabled;

    ipVarV6     IF2.IPV6;

    prefixVarV6 IF2.PrefixV6;

    vlanTagVar  IF2.VlanId;

}

pkt0.609  Link encap:Ethernet  HWaddr fa:16:3e:ee:70:92 

          inet6 addr: fd00:10:6b50:5d20::a9/60 Scope:Global

          inet6 addr: fe80::f816:3eff:feee:7092/64 Scope:Link

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:8954 errors:0 dropped:0 overruns:0 frame:0

          TX packets:9060 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:780288 (762.0 KiB)  TX bytes:902476 (881.3 KiB)                                                          

Creating dynamic metaVariable:

admin@vsbc1> show table system metaVariableDynamic

CE NAME              NAME  VALUE                 

--------------------------------------------------

vsbc1-10.34.195.109  lpl   fd00:10:6b50:5d20::cf 

vsbc1-10.34.195.110  lpl   fd00:10:6b50:5d20::ff 

[ok][2018-11-13 07:11:41]

After updating ipInterfaceGroup with dynamic metaVariable (lpl) old IP (IF2.IPV6) is not deleted from interface

admin@vsbc1% show addressContext default ipInterfaceGroup LIG_ING_V6

ipInterface PKT_ING_V6 {

    ceName      SSBCACTIVE;

    portName    pkt0;

    mode        inService;

    state       enabled;

    ipVarV6     lpl;

    prefixVarV6 IF2.PrefixV6;

    vlanTagVar  IF2.VlanId;

}

pkt0.609  Link encap:Ethernet  HWaddr fa:16:3e:ee:70:92 

          inet6 addr: fd00:10:6b50:5d20::a9/60 Scope:Global

          inet6 addr: fe80::f816:3eff:feee:7092/64 Scope:Link

          inet6 addr: fd00:10:6b50:5d20::cf/128 Scope:Global

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:9093 errors:0 dropped:0 overruns:0 frame:0

          TX packets:9209 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:792396 (773.8 KiB)  TX bytes:917382 (895.8 KiB)

Workaround: To change an addressContext ipInterfaceGroup to use a different ipVarV6 you must delete the ipInterfaceGroup and recreate it.

Example:

Delete the interface group:

 delete addressContext default ipInterfaceGroup LIG_ING_V6

Create interface group with new dynamic metaVariable:

admin@vsbc1% show addressContext default ipInterfaceGroup LIG_ING_V6

ipInterface PKT_ING_V6 {

    ceName      SSBCACTIVE;

    portName    pkt0;

    mode        inService;

    state       enabled;

    ipVarV6     lpl;

    prefixVarV6 IF2.PrefixV6;

    vlanTagVar  IF2.VlanId;

}

pkt0.609  Link encap:Ethernet  HWaddr fa:16:3e:ee:70:92 

          inet6 addr: fd00:10:6b50:5d20::cf/60 Scope:Global

          inet6 addr: fe80::f816:3eff:feee:7092/64 Scope:Link

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:9093 errors:0 dropped:0 overruns:0 frame:0

          TX packets:9209 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:792396 (773.8 KiB)  TX bytes:917382 (895.8 KiB)

 Note: Similar procedure for IPV4.

The RTCP port is not transparently passed in Direct Media.

Platform/Feature: SBC Core: Application

Impact: In case of a Direct Media call, the SBC will add an RTCP port in the outgoing INVITE SDP, when RTCP is enabled on Egress PSP and the RTCP port was not received in the incoming INVITE SDP.

Workaround: Disable RTCP flag on Egress PSP.

set profiles media packetServiceProfile PSP_DM_DTLS rtcpOptions rtcp disabled