Panel | ||||
---|---|---|---|---|
In this section:
|
Noprint | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Info | ||
---|---|---|
| ||
Default values are enclosed in square brackets [ ]. |
New CLI commands have been introduced, all except gpuStatus
are available only on SWe except ssbc SWe.
show table system gpuTranscodeStatus –
Shows codec channel capacities on a per GPU device basis. show table system cpuTranscodeStatus –
Shows codec channel capacities specifically for CPU UXPADs. This command is applicable for instances that support hybrid transcoding, in which both CPU UXPADs and GPU UXPADs are used.show table system transcodeInfo transcodeType
– Shows type of transcoding used: GPU, CPU or Mix of CPU + GPU. This is system level information and we show only 1 entry in case of HA system.
show table system transcodeInfo cpu –
Shows CPU cores used for transcoding. This is system level information and we show only 1 entry in case of HA system.
show table system transcodeInfo gpu –
Shows type of GPU, XPADs/CPU used with this GPU, name of GPU, GPU allocation ratio.show table system gpuStatus
– Shows data per node for each GPU (attached to the node). Prints server name and GPU number.
.
Code Block |
---|
> show table system gpuTranscodeStatus |
Code Block |
---|
> show table system cpuTranscodeStatus |
Code Block |
---|
> show table system transcodeInfo transcodeType |
Code Block |
---|
> show table system transcodeInfo cpu |
Code Block |
---|
> show table system transcodeInfo gpu |
Code Block |
---|
> show table system gpuStatus |
Beginning with SBC Core release 7.0, the SBC is configured in legacy license mode by default. The “local” and “network” options for license mode that were supported on SBC SWe in prior releases are being phased out. Options to change license mode through the CLI are no longer available as of release 7.0. Although some references to local license mode remain in documentation, the CLI, or the EMA UI, local license mode is not supported.
If your SBC SWe deployment was configured to use network license mode in a prior release, the tools to monitor and configure network-mode licensing remain available in release 7.0, but will be phased out in the future. Information needed to maintain network license mode is still provided. Contact your Ribbon Sales Representative for more information and assistance in updating your license.
This release provides visibility in the license utilization within the SBC. SBC provides new statistical information on the types of call traffic occurring on the SBC. Current and interval call counts are provide for a range of session types such as SRTP, NICE, enhanced video, transcoding, and SIPREC.
This release also provides information on license status on a per feature basis through both the CLI and through the EMA user interface. For more details and an example of the output, see the description of the show table system licenseFeatureStatus
command
on the Show Table System page page in the CLI Reference Guide or the System - License Feature Status page page in the EMA User Guide.
.
Caption | ||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||
|
The following flag is added to media parameters within SIP trunk groups to control whether the SBC processes multiple audio m-lines, or a combination of audio and image m-lines, in SDP:
multipleAudioStreamsSupport
After you enable the multipleAudioStreamsSupport
option, then you have the option to enable the following media parameter within SIP trunk groups to disallow SRTP streams when they are present in incoming SDP:
disallowSrtpStream
Code Block |
---|
% set addressContext <address context name> zone <zone name> sipTrunkGroup <TRUNKGROUP NAME> media multipleAudioStreamsSupport <disabled | enabled> % set addressContext <address context name> zone <zone name> sipTrunkGroup <TRUNKGROUP NAME> media disallowSrtpStream <disabled | enabled> |
The following flag is added to IP Signaling profiles to configure the SBC to respond with an offer in SDP that includes the full set of codec possibilities based on the ingress and egress PSPs, including those enabled by transcoding, when it receives a late media Re-INVITE request.
sendSBCSupportedCodecsForLateMediaReInvite
This flag takes precedence over the sendAllAllowedCodecsForLateMediaInviteOrReInvite
flag and the sendOnlyPreferredCodec
flag in the IP Signaling profile. The SIP trunk group media flag lateMediaSupport
must be set to convert
for the behavior enabled by the sendSBCSupportedCodecsForLateMediaReInvite
flag to apply.
Code Block |
---|
set profiles signaling ipSignalingProfile <IPSP profile name> commonIpAttributes flags sendSBCSupportedCodecsForLateMediaReInvite <disable | enable> |
The following parameters are added to the zone to provide the current and interval statistics for each IP peer:
ipPeerCurrentStatistics
ipPeerIntervalStatistics
Code Block |
---|
> show status addressContext <addressContext> zone <zone> ipPeerCurrentStatistics > show table addressContext <addressContext> zone <zone> ipPeerCurrentStatistics |
Code Block |
---|
> show table addressContext <addressContext> zone <zone> ipPeerIntervalStatistics > show status addressContext <addressContext> zone <zone> ipPeerIntervalStatistics |
The teardown
parameter is added to message type of the sipAdapterProfile.
Code Block |
---|
% set profiles signaling sipAdaptorProfile <sipAdapterProfile> rule <rule index> action <action index> type message operation teardown message teardown responseCode <100 | 699> |
A new command helps to tweak the sensitivity of the triggering conditions and the frequency of audits.
Code Block |
---|
request sbx nrm debug command "setirttaudit [dumpraw enable|disable] [repeat n] [sensit off|mc1|mc2|mc3|badirtt|unconditional]" |
The SBC is enhanced to support Application Layer Forking feature and establish different SIP dialogs to multiple destinations. With this feature, the SBC receives a single initial INVITE for a target and create multiple initial INVITEs with different call-Ids to different targets. These call-Ids are associated with the received target through configuration and the same or the different targets are used for these calls. The first answered call is considered as “active” and other calls are terminated gracefully.
The Address of Record (AoR) group is created for different AoRs for each VOIP subscriber devices. For example, if a subscriber has three end devices, three AoRs are created respectively, and grouped them under an AoR group to fork call to all the AoR devices. To support call forking feature, the aorGroupProfile parameter is added to profiles configuration.
Code Block |
---|
% set profiles aorGroupProfile <aorGroupProfile>
aorDataList <Aor Data>
aorDialogAttribute <useFirst18x | useLast18x>
preferredIdentity <Input PreferredIdentity (urischeme:user@host) for AoRs Group>
waitForAnswer <0 to 300000> |
Code Block |
---|
% set profiles voipSubscriber <Input Voip Subscriber(uri-scheme:user@host)>
aorGroupProfile <AoRGroup ProfileId>
egressRURIAttribute <aorEgress | calledURI> |
Code Block |
---|
% set addressContext <addressContext> zone <zone> sipTrunkGroup <sipTrunkGroup> policy preferredIdentity <disable | enable> |
The SBC supports interworking between a network supporting P-Early Media (PEM) header to a network supporting Alert-Info (AI) header. To support this functionality, the flag aiToPemInterworking is used in the IP Signaling Profile.
The following flags are added:
monitorRTP
earlyMediaMethod
withOrWithOutSDP
monitorRtpOnEgressUpdate
The following flags are modified:
aiToPemInterworking
defaultGatingMethod
Code Block |
---|
set addressContext <addressContext> zone <zone> sipTrunkGroup <sipTrunkGroup> media earlyMedia method pEarlyMedia monitorRtp <disabled | enabled> |
Code Block |
---|
% set profiles media toneAndAnnouncementProfile <toneAndAnnouncementProfile> localRingBackTone signalingTonePackageState enable flags useThisLrbtForIngress enable
earlyMediaMethod <none | pEarlyMedia>
withOrWithOutSDP <disable | enable> |
Code Block |
---|
set profiles signaling ipSignalingProfile <ipSignalingProfile> egressIpAttributes flags monitorRtpOnEgressUpdate <disable | enable> |
Code Block |
---|
set profiles signaling ipSignalingProfile <ipSignalingProfile> DEFAULT_SIP commonIpAttributes flags aiToPemInterworking <enable | disable> |
Code Block |
---|
set addressContext default zone <zone> sipTrunkGroup <sipTrunkGroup> media earlyMedia method pEarlyMedia defaultGatingMethod <inactive | none | recvonly | sendonly | sendrecv> |
The following flag is added to the isupSignalingProfile.
chargeRateInfoForCpcApc
The chargeRateInfoForCpcApc
parameter is added to the ISUP Signaling Profile (isupSignalingProfile
) to determine whether the SBC checks for specific payphone-related characteristics in J-ISUP to non-Japanese ISUP calls to trigger using different charge rate information (CRI).
Code Block |
---|
set profiles signaling isupSignalingProfile <profile_name> chargerateinfoForCpcApc <unsupported | supported> |
The control parameter cpgReleaseTimer is added to the isupSignalingProfile configuration.
Code Block |
---|
set profiles signaling isupSignalingProfile <profile_name> [ cpgReleaseTimer <0-300>]
and
show profiles signaling isupSignalingProfile <profile_name> cpgReleaseTimer |
The following global parameter controls whether the SBC is in signaling-only mode:
sigOnlyModeValue <global | off>
Code Block |
---|
set global signaling sigOnlyMode sigOnlyModeValue <global | off> |
Three commands have been added to the CLI toolbox in order to:
Code Block |
---|
user-config-export
<filename>
<xpath> |
Code Block |
---|
user-config-import
<filename> |
Code Block |
---|
user-config-show
<optional argument XPath> |
The SBC is enhanced to include the native Linux commands ping
and traceroute
(and their IPv6 variants) from the SBC command line interface. To use the commands at the SBC application level, log on to the SBC as an application administrator.
Code Block |
---|
ping
[-LRUbdfnqrvVaAD]
[-c <count>]
[-i <interval>]
[-w <deadline>]
[-p <pattern>]
[-s <packetsize>]
[-t <ttl>]
[-I <interface>]
[-M <pmtudisc-hint>]
[-m <mark>]
[-S <sndbuf>]
[-T <tstamp-options>]
[-Q <tos>]
[hop1 ...]
<destination_IPv4_or IPv6 address> |
Code Block |
---|
traceroute [ -46dFITnreAUV ] [ -f <first_ttl> ] [ -g gate,... ] [ -i <device> ] [ -m <max_ttl> ] [ -N <squeries> ] [ -p <port> ] [ -t <tos> ] [ -l <flow_label> ] [ -w <waittime> ] [ -q <nqueries> ] [ -s <src_addr> ] [ -z <sendwait> ] [ --fwmark=<num> ] host [ <packetlen> ] |
Earlier versions of the SBC were shipped with a hard-coded CLI admin user password. Initial passwords are now changed:
In this version, the default CLI admin password is the value of the active role assigned instance's primary interface-id (Mgt0InterfaceIDActive). The active role of the instance is assigned in the cloud formation template (CFT). You can find the active role assigned instance's primary interface-id (Mgt0InterfaceIDActive) on the AWS stack output.
Lawful Intercept is a security process in which the service provider provides law enforcement entities access to communications of individuals or organizations. For details on SBC Core implementation of this process, see Lawful Intercept. The SBC Core platforms now support IPsec/IKE on the X2 interface when the variant "Legacy LI" is used.
Code Block |
---|
set addressContext <addressContext name> ipsec peer <peer name>
ipAddress <ipAddress>
localIdentity <fqdn | ipV4Addr | ipV6Addr>
preSharedKey <DES3 encrypted string> |
Code Block |
---|
set addressContext <addressContext name> ipsec spd <spd_name>
action <bypass | discard | protect>
localIpAddr <ipAddress>
localIpPrefixLen <0-128>
localPort <0-65535>
mode <transport | tunnel>
precedence <0-65535>
protocol <0-255>
remoteIpAddr <ipAddress>
remoteIpPrefixLen <0-128>
remotePort <0-65535>
state <disabled | enabled> |
The SBC is enhanced with additional statistics and alarms for detected signaling and security events. These enhancements are designed to improve Ribbon Protect and SBC security reporting and analysis. Potential SIP and RTP flooding, footprinting, and authentication attacks are reported through new statistics, CDR enhancements, and the introduction of offenders lists that can be configured to report at desired intervals.
In previous versions of the SBC, the IPSecDecryptOffendersList contained both IPsec and SRTP offenders. They are now split up and reported in separate lists.
A new policerType, SRTP Decrypt, is added to the existing trap of sonusSbxNodePolicerMajorAlarmNotification, sonusSbxNodePolicerMinorAlarmNotification, sonusSbxNodePolicerClearAlarmNotification.
Code Block |
---|
show table system ipPolicing srtpDecryptOffendersList |
Code Block |
---|
show table system ipPolicing srtpDecryptOffendersIntStats |
Code Block |
---|
set global servers srsGroupProfile <srs_group_id>
loadDistribution <roundRobin | sequence>
numSimultaneousStream <range 1..2> srsGroupData <Priority range 0..7>
ipAddress <signaling ipv4/ipv6 address of the SRS> ipPort <signaling port of the SRS>
ipTGId <Ip Trunkgroup Id> transport <udp/tcp/tls> |
Code Block |
---|
request global siprec startRecord numOfStreams <range 1..4> trunkGroup <SIPREC_TrunkGroup_Name>
srsIpAddress <RecordingServerIP> srsPort <RecordingServerPort>
srsIpAddrress2 <SecondaryRecordingServerIP> srsPort2 <SecondaryRecordingPort>
trunkGroup2 <SIPREC_TrunkGroup2_Name> gcid <gcid_value>
callLeg <Ingress|Egress> transport <udp | tcp | tls> transport2 <udp | tcp |tls> |
Documentation now includes configuration notes to allow the SBC to use crankback for DNS.
sipToCpcCauseMapProfile
from the egress sipTrunkGroup. The CPC cause is then looked up in the egress sipTrunkGroup's crankbackProfile
. If a match is found, the SBC attempts a new target. If a match is not found, the SBC skips the DNS crankback and proceeds with the "normal" crankback at CC level using the ingress siptrunkGroup's crankback profile.
The following flag is added to the system admin
table to specify whether the default admin user must be authenticated using local authentication.
defaultAccountLocalOnly
For this flag to be set to true, the system admin options localAuthenticationEnabled
and externalAuthenticationEnabled
must also be set to true
to enable the use of local authentication on the SBC.
Code Block |
---|
set system admin <system name> defaultAccountLocalOnly < false | true > |
Code Block |
---|
show table system admin <system name> defaultAccountLocalOnly |
The parameter deviceSmartAttrib
is added to system serverAdmin <server name>.
Code Block |
---|
set system serverAdmin <name> deviceSmartAttrib <integer> |
Caption | |||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| |||||||||||||||||||||||||||||||||||||||||||||||||||
|
Pagebreak |
---|