SBC Core 08.02.00R000 Release Notes

Table of Contents

About SBC Release Notes

This release note describes new features, the latest hardware and software requirements, known limitations and other pertinent release information for the latest release of SBC Core.

Related Documentation

The SBC Core 08.02.xx documentation is located at the following Wiki space: SBC Core 8.2.x Documentation.

Release Notes Use and Distribution

Ribbon Release Notes are protected under the copyright laws of the United States of America. This work contains proprietary information of Ribbon Communications, Westford, MA-01886, USA. Use, disclosure, or reproduction in any form is strictly prohibited without prior authorization from Ribbon Communications.

Associated Ribbon Announcements

The following Ribbon announcements (formerly known as WBAs) are referenced in this release note:

• Warning-17-00022847: The DNS configuration parameters within the address contexts may cause certain configurations to fail during an upgrade
• Warning-17-00022689: Duplicate Trunk Group or Zone names can cause unexpected behavior
• Warning-14-00020748: Verify system and databases are fully in sync prior to Live Software Upgrade (LSWU). Applies to all SBC platforms (HW, SWe, Cloud) except for SBC's deployed in a Distributed SBC (D-SBC) architecture.

• Bulletin-18-00028529: The System Security Intrusion Detection AIDE Reports False Positive Alarms

• Warning-21-00029972: The SBC upgrade may truncate the SQL configuration database due to too many historical alarms.

Problems or Questions

For problems or questions, contact the Global Support Assistance Center:

Ribbon Support Portal: https://ribboncommunications.com/services/ribbon-support-portal

Voice: +1-833-RIBBON1 (1-833-742-2661)

About SBC Core

The SBC Core platforms address the next-generation needs of SIP communications by delivering media transcoding, robust security and advanced call routing in a high-performance, 2RU, and 5RU form-factor devices enabling service providers and enterprises to quickly and securely enhance their network by implementing services like SIP trunking, secure Unified Communications and Voice over IP (VoIP).

For more product information, refer to the section About SBC Core in the main documentation space.

Interoperability

The SBC Core software interoperates with the following:

• SIP/H.323 compliant IADs and IP-PBXs
• PSX Policy Server Softswitch via SIP redirects and/or Diameter+ protocol
• SBC 9000 through SIP call signaling and Networks MCS protocol

H.323-SIP and SIP-H323 Calls

When using H.323-SIP and SIP-H.323 call flows, an additional Re-invite/Update may get generated towards the SIP side. To suppress this, enable the IP Signaling Profile (IPSP) flag Minimize Relaying Of Media Changes From Other Call Leg at the SIP side.

• For CLI IPSP flag details, refer to Flags - CLI.
• For EMA IPSP flag details, refer to Common Ip Attributes - Flags.

Compatibility with Ribbon Products

Refer to SBC Core Portfolio Interoperability Matrix for the latest and minimum compatible product versions supporting the 08.02.00R000 release.

Sample Heat Templates Included in This Release

To instantiate the SBC instances, the following templates can be used:

SBC SWe Cloud Requirements for OpenStack

The system hosting the SBC SWe Cloud must meet the below requirements for OpenStack:

The system hosting the SBC SWe must meet the following requirements to achieve the performance targets listed: 

OpenStack Requirements

The SBC SWe supports the following OpenStack environments:

• Newton with RHOSP 10 and RHEL 7.4
• Queens with RHOSP 13 and RHEL 7.5

SBC SWe Requirements for KVM

The following table lists the server hardware requirements.

SBC SWe Requirements for VMWare

The following table lists the server hardware requirements:

Requirements for Using the Infrastructure as Code Environment with SBC SWe

The following tarball file is required to use the IaC environment to deploy SWe N:1 deployments on VMware:

•  iac-1.1-20190808-060356.tar.gz

The environment in which you place and expand the IaC tarball must include:

• A Linux server running RedHat Enterprise Linux (RHEL), CentOS 7 or Debian 9
• Python 2.7 or later
• An internet connection for downloading and installing additional files that may be required for your deployment
• Root access on the instance or ability to become root (for example, using sudo su -)
• Access to the vSphere ESXi host IP from the Linux server where the IaC environment is set up.

For more information on IaC, refer to  Using the Ribbon IaC Environment to Deploy SBC SWe on VMware.

Required Software and Firmware Versions

The following SBC 51x0/52x0, SBC 5400 and SBC 7000 software and firmware versions are required for this release. For 5xx0, the BIOS is installed during application installation; whereas, for 5400 and 7000, the BMC/BIOS is included in the firmware package and installed during the firmware upgrade. 

How to Verify Currently Installed Software/Firmware Versions

Use the EMA to verify the currently installed software and firmware versions.

Log on to the EMA, and from the main screen navigate to Monitoring > Dashboard >  System and Software Info.

Software Bundles

The following software release bundle is available for download from the Customer Portal:

• SBC5x7x_8.2

Download the appropriate software packages for your desired configuration from the Customer Portal (https://ribboncommunications.com/services/ribbon-support-portal-login) to your PC:

SBC 5000 Series (51x0/52x0) Firmware

• firmware-5XX0-V03.21.00-R000.img

• firmware-5XX0-V03.21.00-R000.img.md5

• bmc5X00_v3.21.0-R0.rom.md5sum

• bmc5X00_v3.21.0-R0.rom

SBC 5400 Firmware

• firmware-5400-V03.21.00-R000.img
• firmware-5400-V03.21.00-R000.img.md5

SBC 7000 Series Firmware

• firmware-7X00-V03.21.00-R000.img
• firmware-7X00-V03.21.00-R000.img.md5
  
  

SBC Core Operating System Installation Package

The ConnexIP Operating System installation package for SBC Core:

• sbc-V08.02.00R000-connexip-os_07.02.00-R000_4_amd64.iso
• sbc-V08.02.00R000-connexip-os_07.02.00-R000_4_amd64.iso.md5
  
  

SBC Core Application Package

The SBC Application installation and upgrade package for SBC Core:

• sbc-V08.02.00R000-connexip-os_07.02.00-R000_4_amd64.qcow2
• sbc-V08.02.00R000-connexip-os_07.02.00-R000_4_amd64.qcow2.md5
• sbc-V08.02.00-R000.x86_64.tar.gz
• sbc-V08.02.00-R000.x86_64.md5
• sbc-V08.02.00-R000.x86_64.signature

For detailed information on installation and upgrade procedures, refer to SBC Core Software Installation and Upgrade Guide.

Cloud Service Archive (CSAR) Packages for VNFM Deployment on OpenStack

These files are for SBC SWe deployments in the OpenStack cloud using VNFM.

For VNFM deployment, the VNF Descriptor (VNFD) file is provided in a Cloud Service Archive (CSAR) package for the type of SBC cluster being deploying. VNFs are independent and CSAR definitions are imported into the VNFM via an Onboarding mechanism. There is a procedure for producing the required CSAR variant, for different personalities (S-SBC, M-SBC), different interface types (virtio, sriov).

Files required for CSAR creation: 

• createVnfmCsar.py
• vnfmSol001VnfdTemplate.yaml
• sbc-V08.02.00R000-connexip-os_07.02.00-R000_4_amd64.qcow2

For detailed information on installation and upgrade procedures, refer to SBC Core Software Installation and Upgrade Guide.

For details on CSAR creation, refer to Creating a CSAR Package File. 

Upgrade Notes

08.02.00R000 Upgrade Information

Support of maddr Post-Upgrade

When upgrading SBC Core to release 5.0.0 (and above) from a pre-4.2.4 release, complete the "Action to take" immediately after the upgrade if either condition that follows is applicable:

• If you are using the SBC with a Broadsoft system and the SBC is configured for registration access (where the SBC sits between SIP phones and the Broadworks System). Otherwise no new REGISTER will be processed (phones will lose registration).
• If you are using the SBC with other feature servers that require maddr processing.

Action to take: On the SIP trunk group facing Broadsoft (or other feature server), set the SIP Trunk Group signaling flag, honorMaddrParam, to enabled on the Trunk Group(s) requiring maddr handling. The default is ‘disabled’.

set addressContext <addressContext name> zone <zone name> sipTrunkGroup <TG name> signaling honorMaddrParam <disabled | enabled> 

See the following pages for configuration details:

• SIP Trunk Group - Signaling - CLI
• SIP Trunk Group - Signaling (EMA)

SBC SWe Pre-Upgrade Requirements

VM CPU resource allocation requirements

Starting with 4.2.4R0 release, CPU resource allocation requirements for SBC SWe VM are strictly enforced contrary to previous releases. You must review and verify these VM settings (including co-hosted VMs) against the documented "VM Configuration Recommendations" on the For VMware page in the Hardware and Software Requirements section before upgrading. If you encounter a problem, correct the CPU reservation settings as specified in step 6 of the "Adjust Resource Allocations" procedure on Creating a New SBC SWe VM Instance with VMXNET3. CPU reservation should be set as “number of vCPUs assigned to VM * physical processor CPU frequency". If VM uses the same number of vCPUs as the number of physical processors on the server, this reservation may not be possible. In this case, reduce the number of vCPUs assigned to VM by one and set the CPU reservation to the appropriate value.

When using the show table system serverSoftwareUpgradeStatus command during the upgrade, the Standby server's LSWU status will always display "Upgrading" even though the upgrade may have failed due to host checker validation. To check if host validation failed for the Standby, check for HostCheck Validation Failed message in the upgrade.out log.

Disable Call Trace feature prior to LSWU/upgrade

As a prerequisite for SWe LSWU/upgrade, disable the Call Trace feature prior to performing the LSWU/upgrade and re-enable it once the LSWU/upgrade is completed.

Manually check for Hostcheck Validation Failed message

Perform the following procedure on the Standby to check for the Hostcheck Validation Failed message in the upgrade.out log.

1. Log on to ESXi of the Standby SBC SWe.
   
   
2. Check in/opt/sonus/staging/upgrade.out (this log shows the Hostcheck Validation Failed error).
   
   
3. Power off the VM.
   
   
4. Reduce the number of vCPUs assigned to VM by one and set the CPU reservation to the appropriate value.
   
   
5. Power on the VM. The SBC SWe successfully upgrades to the latest version 6.2.0. 
   
   
6. Run the command show table system serverSoftwareUpgradeStatus to confirm the successful upgrade.
   
   
7. Perform similar procedure for LSWU on Active.

Preparing for Upgrade (All Platforms)

Supported Live Software Upgrade (LSWU) Paths

The SBC Core supports Live Software Upgrade from releases listed in the table below:

New Features in Release 08.02.00R000

SBX-41671 TTY/TDD Interworking Support for RFC-4103 and/or RFC-4351 

 The SBC supports Text over Internet Protocol (ToIP), including the inter-working between ToIP and the Text Telephone (TTY) protocols employed in Code Division Multiple Access (CDMA) wireless networks and wire-line VoIP networks (using Baudot).

The support is applicable for SBC deployments in virtual and cloud environments (I-SBC and D-SBC).

The following interworkings and related transcodings are supported: 

SBX-58717 + SBX-67514 P-Early-Media and DLRBT Enhancements

When a caller sends a SIP INVITE to the SBC (irrespective of the presence of "P-Early-Media: supported" header in the Session Description Protocol (SDP) of the INVITE), the SBC adds P-Early-Media header in its 18x (180 or 183) response towards ingress call leg only if:

• The SBC monitors and detects early media from the egress call leg.

  Note

  The SBC has an "observation" window for monitoring the stream of RTP packets. It also has a "silence" window before it restarts monitoring, to reject RTP packets from a previous announcement.

• The SBC plays a Ring Back Tone (RBT).

  Note

  The SBC plays LRBT only if it does not receive any early media from the egress call leg at the end of a monitoring cycle. If the SBC starts playing LRBT, it continues to play even if it detects RTP in the subsequent monitoring cycles, or exchanges a new set of SDP answers with the egress call leg.

  When the SBC receives an UPDATE from the egress call leg, and the caller (ingress call leg) does not support UPDATE, the SBC continues to feed tone in the same codec. When the ingress call leg supports UPDATE, the SBC feeds tone in a modified codec after a successful offer-answer negotiation.

For more information, refer to the following pages:

SBX-62459 Support for Public-key-Based Peer Authentication Method for IPSec

The SBC is enhanced to support a Public Key-based peer authentication method for IPSec on SBC. In past releases, the SBC used a Preshared key-based authentication method for Peer authentication during IKE negotiation for establishing IKE and IPSec Security associations. To meet Common Criteria certification requirements, the SBC is now capable of using x.509 digital certificates for Peer authentication. Note: Not currently supported on SBC Cloud and D-SBC platforms.

For more information, refer to IPsec Peer - CLI.

SBX-64041 IPSP flag “send SDP In Subsequent 18x” Evolved to “send SDP In Subsequent 18x if not reliable”

RFC 6377 requires that, after the SBC sends an answer in a reliable provisional response to an INVITE, it must not include any Session Description Protocol (SDP) in subsequent responses to the INVITE.

To satisfy the requirement, the behavior of the existing flag sendSdpInSubsequent18x is enhanced. Enable the flag to allow the SBC to send SDP in subsequent 18x response messages after it sends the answer in non-reliable provisional response (until it is sends in reliable 18x message) to the INVITE. When disabled, the SBC does not send SDP in the subsequent 18x response messages.

For more information, refer to the following pages:

• INVITE and reINVITE Support
• Ingress IP Attributes - SIP - CLI
• Ingress Ip Attributes - Flags
• Supported Standards

SBX-67554 LCQ CC/SIP Issue - Multiple Call Transfer - SIP Layer Stops Responding

The SBC is enhanced with the parameter maxNumTransfers under the object global signaling. The range for the maxNumTransfers is 10-100, with 10 as default.

For more information, refer to the following pages:

SBX-68878 CDR for SIPREC Sessions

The SBC is enhanced with CDRs for the SIPREC sessions.

Currently, the SBC generates Session CDRs and adds recorder IP:Port details in a CDR session. The SBC Core is enhanced to show detailed diagnostics information about the SIPREC call legs and to report if there are any failures in setting up the SIPREC call legs. The SBC generates RECORDING records for SIPREC completion.

These SIPREC CDRs (RECORDING records) are used by Ribbon Protect and SIPREC platforms, and are useful for debugging. SIPREC CDRs (RECORDING records) carry the SIP protocol information, metadata used, and some additional media statistics. These records also carry the original communication session information. When the SBC records the same call towards multiple recorders, it generates a CDR for each recording session towards each SRS separately, including any call attempts. The SBC also generates a SIPREC CDR for recording sessions initiated by CLI/REST command.

For more information, refer to Accounting - CLI and Accounting and Logs - Admin.

SBX-70005 Relay Changes in PAID as per RFC-5876

The SBC is enhanced with the addition of the profile sipAdaptiveTransparencyProfile  to configure SIP header transparency for P-ASSERTED-IDENTITY.

When the profile is enabled for a Trunk Group and the SBC receives an updated P-ASSERTED-IDENTITY header as part of SIP Request Methods (INVITE/UPDATE), or in SIP Responses (200/180/183), the SBC relays the SIP message transparently to the other leg of the call. 

 Note that SIP privacy handling takes precedence over the  SIP Adaptive Transparency Profile.

For more information, refer to the following pages:

SBX-70465 STIR/SHAKEN: Option to Signal Verification Failures in Backward Provisional Responses

The ATIS specification defines an optional capability to signal verification failures in backward provisional responses. If a terminating carrier B fails verification for an originating carrier A subscribers, but continues to deliver the call to the carrier B called party, carrier A will have no way to know. The terminating carrier can use failed verification to indicate robocalling status to the called party. In this case, carrier A has no way to know that their subscribers' calls are being flagged as robocalls to the terminating party.

The capability described in the ATIS specification solves this issue if carrier A has tools in place to find these indications in the SIP messaging.

For more information, refer to STI Profile - CLI.

SBX-70938 RTCP for T.140 Pass-through

Some endpoints require RTCP in T.140 media streams as a keep-alive. These endpoints can timeout and shut down the T.140 media stream if there are no text messages in the timeout window. 

However, some endpoints are not capable of generating RTCP in a T.140 media path. Therefore, when inter-working two such networks there exists a condition where endpoints in one network require RTCP but endpoints in another are not capable of generating RTCP.

This feature will make it possible to configure specific trunk groups/PSP to generate RTCP for T.140 pass-through media streams. Additionally, the SBC will not generate RTCP if it is received from the endpoints. 

RTCP packets generated by the SBC follow RFC 3550. It contains the following:

• Sender Report (SR) or (Receiver Report (RR) if no packets were sent)
• Source Description (SDES)

A flag, generateRTCPForT140IfNotReceivedFromOtherLeg, and a parameters, t140RtcpMonitorInterval, are added as a part of this feature to generate RTCP for T.140 media streams based on whether RTCP is received within the monitor interval. 

For more information, refer to:

• Packet Service Profile - RTCP Options
• System - Media - Media RTCP Control
• Packet Service Profile - CLI
• Media System - CLI
• CDR Field Descriptions

• CDR Examples

SBX-71386 Qualify Mellanox-based NIC Cards for SBC SWe – No OVS Offload

Mellanox-based NIC cards MCX4121A-XCAT and MCX512A-ACAT are qualified for use with SR-IOV on an Openstack platform RHOSP13 (Queens) with RHEL 7.6.

SBX-73110 - Support for Teams Direct Routing Using an SBC Hub

The Ribbon SBC adds a configuration option and new processing capabilities to enhance its support of the Microsoft Phone System's Direct Routing capability. Administrators can configure a network of SBCs in a manner that reduces the requirement for public IP addresses. The SBC is able to interpret headers sent from the Microsoft Phone System to optimize media routing decisions.

Refer to Microsoft Teams Direct Routing Using an SBC Hub

SBX-75174 - Generate or Replace SSRC Values for Calls Toward a Kandy Link WebRTC Gateway

The synchronization source (SSRC) identifier uniquely identifies media streams within an RTP session and is included in SDP signaling when establishing or modifying media sessions. The WebRTC specification requires that the SSRC value in an RTP stream match the SSRC sent in the SDP. However some endpoints, such as PSTN gateways, are not capable of generating SSRC values so they are not present in the SDP. Other endpoints change the SSRC during call hold/resume scenarios. The SBC can be configured to address these potential interoperability issues in WebRTC deployments.

You can configure the SBC to generate an SSRC and related attributes to ensure that the required values are present in calls toward a WebRTC gateway such as the Kandy Link WebRTC gateway. When enabled, the SBC generates an SSRC value for audio or video streams and includes it in SDP signaling and RTP/RTCP streams. You can also configure the SBC to update SSRC values in call hold/resume scenarios. When configured to modify the SSRC, after the call resumes, the SBC generates a new SSRC value and includes both the previous and new SSRC values in SDP signaling. Note that the SBC only makes mid-call modifications to the SSRC if it is also configured to generate the SSRC.

For more information, refer to Packet Service Profile - CLI, Packet Service Profile - Flags, and System Provisioning - Packet Service Profile.

SBX-75865 Alarm Generation when SBC Receives RCODE Except for 0

If the SBC receives an error response (except for 0) toward the DNS query, it raises an alarm to notify the user to resolve the IP address of the far end carrier.

The SBC uses the DNS Server IP as a key in the alarm.

For more Information, refer to ­­

• DNS - DNS Group
• DNS Group - CLI,
• Configuring DNS Groups
• DNS Support

SBX-76436 - Increase CDR Retention with Compression

The SBC is enhanced to allow writing accounting files containing CDRs into a compressed format. The compressed files are retained for a user-specified time period; thereafter, they are automatically deleted after a specified number of days. The compressed files are stored in the evlog directory or another directory that you specify. The compressed files are saved using names intended to make them globally unique across all of the user's machines, by including the server information and timestamp.

In order to support existing functionality that reads the uncompressed accounting files, the ability to also write both compressed and uncompressed accounting files simultaneously is added. This enables sftp file transfer to the DSI, viewing the accounting logs in EMA, and transfer of the data to Ribbon Protect. The compression method used is gzip streaming compression. This compression results in a file being compressed to between 10 and 15% of its original size. Encrypet file transfer is not supported through sftp push.

For more information, refer to Event Log - CLI and Event Log - Type Admin.

SBX-76610 Selection Feature for ARS Recovery Algorithm

Currently, the uses a common ARS recovery algorithm for all the selected blacklist algorithms . If the trunk group had more than one peers and one of the peers did not support the selected recovery algorithm,  it became difficult to recover that particular peer.

The SBC is enhanced with a new flag to select the recovery mechanism for each blacklist algorithm selected.

The SBC supports selecting of ARS recovery algorithms for each of the following blacklist algorithms.

For more information, refer to:

• Address Reachability Service
• SIP ARS Profile - CLI

SBX-85716  Re-initiate Pre-condition Negotiation Towards Ingress

Currently, the SBC supports ingress precondition interworking when the ingress side of the call supports precondition attributes, but the egress side of the call does not. The  sends out the initial INVITE to the egress when it meets the ingress side preconditions.

With this enhancement, the SBC re-initiates the precondition procedure whenever the ingress side Session Description Protocol (SDP) changes due to an 18x/200 OK or UPDATE received from the egress side.

For more information, refer to:

• SIP Trunk Group - Signaling - All 
• SIP TG - Signaling - Perform Precondtion Renegotiation - CLI
• SIP TG - Signaling - Prefer UPDATE Over ReINVITE - CLI

SBX-85818 + SBX-85655 Support for SIP-ISUP

To support interworking between different variants of SIP, the SBC is enhanced with the following profiles:

• calledPrefixMatchProfile
• carrierCodeToIoiMappingProfile
• ioiToCarrierCodeMappingProfile
• sipJJ9030InterworkingProfile

You can attach the profiles calledPrefixMatchProfile and sipJJ9030InterworkingProfile with a SIP Trunk Group.

The parameter contractorNumInterworking is added under the NNI Profile.

For more information, refer to the following pages:

SBX-86008 Cloud SBC Avalanche Fault - Detection and Control

Packets that cause a direct SBC fault can lead to a catastrophic failure of an SBC service, which is known as a packet-stimulated fault avalanche. These packets appear for various reasons, such as: the SBC adds a new Session Initiation Protocol (SIP) endpoint, upgrades or replaces a peering endpoint or gateway (GW), changes a configuration on a peer, or introduces a new call scenario. The SBC does not currently check for double faults, which is when the SBC has a failover and then another failover. Double faults cause call loss.

The goal of Avalanche Fault Detection and Control is not to prevent individual crashes, but to detect and control continuous "avalanche" faults that can lead to complete service outages. This feature uses the information from the existing faults to attempt to prevent future faults.

For more information, refer to CLI Configure Mode and System - Fault Avalanche Control.

SBX-86658 Offer-Answer Timer Configuration

In specific call scenarios, the SBC treats the Offer-Answer (OA) as a MODIFY Offer-Answer cycle, but the peer treats it as an INITIAL Offer-Answer cycle. According to RFC 3261, the response from the peer is expected within 300 seconds. The SBC, however, assumes a 20-second response, and therefore any delay in the response from the peer which exceeds of 20 seconds causes call failure.

To overcome this limitation, the SBC is enhanced with a new parameter offerAnswerTimer to configure this OA timer.

For more information, refer to the following pages:

• Signaling - Global - CLI
• Signaling - SIP Sig Controls
• Supported Standards
• SDP Support

SBX-86789 - SBC Should Create TLS Connection Based on Contact Header

In access deployments when a user submits a REGISTER request through the SBC, the SBC stores both Contact header information and the source IP address from where the REGISTER request originated. By default, when the SBC sends a call from the internal network to a registered user over TLS transport, the SBC directs the call to the source IP address it stored during registration of the target user. However, you now have the option to configure the SBC to instead direct the call to the Contact header address the SBC stored for the target user. 

Refer to SIP TG - Signaling - Honor Contact in Register for TLS Calls - CLI

SBX-87239 Response Code Change When SBC Fails DNS Query

 When the SBC fails a DNS query, it generates a 503 or 500 error response. These error codes are now mapped to a configurable response code.

For more information, refer to Internal SIP Cause Map Profile - CLI.

SBX-88422 - Support FQDN as GW SIP Address for PSX Proxy Calls

In SBC deployments that use an external PSX to provide routing policy, SBCs can be added as gateways within PSX to then use optimized routing (SIP in Core) to route calls to other SBC gateways. The PSX 12.2 release adds support for configuring a PSX gateway entity with an FQDN as its SIP address (as an alternative to configuring a specific IP address). The FQDN configuration supports SBC SWe N:1 S-SBC deployments in which a cluster of up to 4 SBC nodes can be active at the same time. Each of the SBC nodes in the N:1 cluster share a homogenous configuration and register with the PSX using a common gateway name. 

With SIP in Core configured, when the core SBC sends a Diameter request to the PSX for routing, the PSX returns the gateway FQDN if the S-SBC cluster is the next hop. The core SBC does a DNS lookup to resolve the FQDN to the individual IP addresses of the active nodes within the cluster. For subsequent call requests, the core SBC load balances among the active nodes using a round robin method to rotate among the individual IP addresses.

Refer to Configuring the SBC to use SIP in the Ribbon IP Core.

SBX-88542 - Prefix-based TG Selection using SMM

By default, the SBC selects the ingress trunk group for an incoming SIP request based on its source IP address and port. However, using SIP Message Manipulation (SMM) operations and a new type of profile, you can extract a value from the incoming message and use the value to select a new ingress trunk group. This secondary trunk group selection enables applying trunk group policies and profiles on a more granular basis in subsequent processing of the session.

Refer to:

• SIP Param Based Action Profile - CLI
• Signaling - SIP Param Based Action Profile
• Extract a Parameter to Select a New Ingress Trunk Group

SBX-88601 + SBX-88885 – SMM: Support Global Configuration and Increased Number of Rules

To enable application of SMM rules more broadly, the SBC adds support for applying SIP message manipulation (SMM) profiles (SIP adaptor profiles) at both the global and address context levels. The new profiles are in addition to the existing support for input and output profiles applied at the zone and trunk group levels. You have the option to define profiles at any or all of the levels.

If more than one profile applies to a session, you can enable "fixed order" execution of the profiles (smmProfileExecution=fixedOrder). In fixed order execution, the SBC logically concatenates the rules in the applicable profiles and executes them in the following order: global, address context, zone, SIP trunk group. The collection of rules are treated as though they reside in a single profile and therefore variables set at the beginning of the sequence are accessible to rules that follow in the sequence.

To support additional uses of SMM, the SMM rules and actions maximum limits are increased as specified below.

For more information, refer to: 

• Signaling - Global - CLI
• Global - Signaling
• SIP Message Manipulation

SBX-88947 Test 2nd Management port on SWe platforms

SBC SWe has been enhanced to support use of a second management port in VMware-based deployments.

For more information, refer to Second Management Port for SWe Deployed in VMware.

SBX-89252 Generate SIP User-Agent Header to Identify SBC Platform and Release

Microsoft Teams use the contents of the user-agent header to determine the remote peer, and then generate telemetry information such as the SBCs manufacturer, sessions success rate and failures to Generate SIP User-Agent Header. This helps in ensuring customers are using Microsoft Teams direct-routing-supported SBC. This enhancement gives the SBC the ability to generate and send UserAgent header towards MS Teams for MS Teams direct routing deployments. The user Agent header now contains:

• • The vendor Name (Ribbon SBC) 
  • The SBC platform ( RIbbon SBC 5400 /7000/ SBW SWE) 
  • The application software version (such as SBC 8.2.0)

As part of this work some additional native capabilities were added for MS Teams zones in order to remove the need for some SMM.

The Lifetime attribute (”|2^31”) will always be added to the crypto line natively for Teams and avoids the need for SMM.

“a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:9bJEC9N5sqNNGDE9z/0UcOP2btmUfHdryTjLUzDw|2^31”

• The gr parameter is automatically removed from the contact header for MS Teams zones to avoid it triggering contact header transparency.
• The max-forwards value is automatically set to 0 in the OPTIONS message on MS Teams zone so the SBC processes it locally.
• Transport=tls in the 200 OK response to the Invite with replaces in a CallQ scenario.

SBX-90436 Capacity Scaling Support with OVS-DPDK Virtio Interfaces

The SBC is enhanced to apply RX-TX architecture for OVS-DPDK virtio interfaces, similar to support of SR-IOV interfaces. Estimated capacity sessions have been adjusted accordingly.

For more information, refer to VNF Performance Tuning and KVM Performance Tuning.

SBX-87348 ARS support on SIPREC Trunk

SBC uses the Address Reachability Service (ARS) to determine if a server (SRS) is reachable. This allows the SBC to “blacklist” a server IPv4 or IPv6 address if it is deemed unreachable, and address subsequent requests to that destination appropriately.

SBX-85320 Implement Q-series Release 10.0 LI Interface

The SBC now supports the same packet cable 2.0 specification so that the LI users do not have to make changes when Q-series SBC is replaced with the SBC core.

SBX-76608 Expected Error Response Based on Call Statistics

In response to a customer request, certain OIDs were examined and error responses were changed. 

SBX-90410 Limit on Recording Criteria

Recording criteria is expanded from 128 to 1024.

Resolved Issues

Resolved Issues in 08.02.00R000 Release 

The following issues are resolved in this release:

Known Issues

Known Issues in 08.02.00R000 Release 

The following issues exist in this release:

Known Limitations

The following limitations exist in this release:

1. Due to a known EMA GUI issue, it can take up to 10 minutes to process each SMM rule when provisioning SMM on the SBC using the EMA. This will be fixed in a future release.

2. The Access Control List (ACL) is not installed to configure SNMP traps for accepting traffic. A dynamic ACL is added to configure SNMP traps. An ACL must be installed for SNMP traps for accepting traffic.
3. The physical NIC connectivity must be in active state at the hypervisor level before starting the SWe instance on the SBC SWe platforms. In case of SWe instance with SR-IOV interfaces, manual restart of the SWe instance is required if physical NIC connectivity goes down while the instance is in progress.
4. The Antitrombone feature is not supported on the D-SBC.
5. EMS identifies the nodes based on the VNFC-ID. While instantiating SBC/PSX cloud nodes, ensure that you use a unique VNFC-ID only. If you reuse an existing VNFC-ID, EMS treats this as a re-registration request and overwrites the existing data on the cloud node.
6. While configuring the SBC SWe Cloud instances, the CLIs commits successfully even if any metaVariable provided is incorrect. The SBC SWe Cloud instance cannot validate the CLIs, as the CDB configuration file is stored in the SBC Configurator and is shared among all the other SBC SWe Cloud instances in the cluster.
7. Editing IP Interface is not reflected in the if configuration (ifConfig). This behavior is observed only on the S-SBC when action is set to "dryup" mode on the IP Interface. The IP address changes are not updated in the kernel and will not be displayed when ifconfig linux command is executed. In case of S-SBC, if the ipInterface configuration needs to be modified and if the action is set to "dryup" in ipInterface configuration, it must be set to "force" before disabling the ipInterface and making any changes.
8. A LSWU on an SBC 7000 should only be performed when the total number of active calls on the system is below 18,000. If the criteria is not met, a double failure during the upgrade may occur thereby losing all active calls. If such a failure occurs, both active and standby SBC services will go down. Contact Ribbon Support immediately.
   
   

Performing Heat Stack Update when userdata is Updated with SSH Keys

When upgrading SBC SWe cloud instances to release 8.0, you must update your Heat template userdata section to include mandatory SSH key information. An issue in OpenStack requires that you use the stack-update process rather than re-launch after updating the template, which leads to a new UUID for the instance. As a result, you must regenerate and apply new license bundles to the upgraded instances during the upgrade.

Refer to Upgrading SBC SWe N:1 HA Nodes on OpenStack using Heat Templates for the relevant procedure. 

Restricted Functionality with SBC

The following functionalities are not supported with SBC Microservices:

1. Direct Media and Antitrombone 

2. Far end NAT traversal

3. NICE

4. Rx, Rf interfaces

5. Fax detection

6. ICE/STUN

7. SIP REFER

8. SIP REPLACE

9. Two stage calls

10. H323 support

11. IMS LI support for multiple streams

12. MS Teams

13. Tones and Announcement using TSBC

14. Support for video only call