Page History

New CLI in 8.2.0R0

SBX-

41671 TTY/TDD Interworking Support for

NASS-IMS-Bundled-Authentication (NBA) is used to provide access to the IMS (IP Multimedia Subsystem) network for legacy equipment that cannot support IMS access security (IMS AKA). The authentication algorithm is enhanced to include and select NBA authentication. 

The main objective of the NBA is to gain access to the IMS network, based on successful access level authentication. This is achieved by associating an IMS identity with a fixed specific location from where it is authorized to access from. The SBC Core infers an authentication scheme applicable to the user based on response from S-CSCF for initial REGISTER request. If S-CSCF selects NBA, it either sends 200 OK or 403 response. The SBC infers an NBA authentication scheme on receipt of 200 OK and follows procedures associated with NBA. So, P-CSCF switches to either NBA or SIP Digest w/o TLS based on S-CSCF's response. When NBA is in use, receiving a 401 (Unauthorized) response to the REGISTER request is not expected.

When P-CSCF receives a REGISTER from the UE, and once NBA is selected as the authentication scheme, P-CSCF contacts CLF over the e2 interface. P-CSCF performs a"Location Information Query" towards CLF using the E2 interface User-Data-Request and User-Data-Answer message exchange to learn the location information. CLF sends the response to P-CSCF including location information of UE using the given IP address / User-Name. Upon getting a response from CLF, P-CSCF inserts PANI header, appends NASS location information to SIP REGISTER message, and forwards REGISTER message towards IMS core, in order to authenticate UE. 

The following parameters configure this feature:

• container <nassImsAuth> allows configuration related to NASS
• under container <nassImsAuth>, under <accessType>, <xDSL>, <ethernet> and <fiber> provision IP connectivity access associated with TISPAN NASS
• The <accessClass> parameter, when configured to <tispan-NASS>, allows the SBC to identify if the request arrived on TISPAN NASS
• value e2 enhances <appId> to provision the diameter e2 interface
• <clfRealm> allows configuration so the UDR message sent has a destination realm AVP with a CLF realm value
• <ueDefaultLocation> specifies the default UE location name

The <nassImsAuth> parameter is a new container, allowing configuration related to NASS. Under <nassImsAuth> are:

• <accessType>
  • <ethernet>
  • <xDsl>
  • <fiber>
• <clfRealm>
• <ueDefaultLocation>

The existing <accessClass> is enhanced with a new value, tispan-NASS

The existing <appId> is enhanced with a new value, e2

 % set addressContext <addressContext name> zone <zone name> sipTrunkGroup <sipTrunkGroup name> signaling accessClass
  ac-3GPP 
  none 
  tispan-NASS
 
 
% set addressContext <addressContext name> zone <zone name> sipTrunkGroup <sipTrunkGroup name> signaling nassImsAuth      
  accessType         
  clfRealm          
  ueDefaultLocation
   
  
% set addressContext <addressContext name> zone <zone name> sipTrunkGroup <sipTrunkGroup name> signaling nassImsAuth accessType
  ethernet  <ieee-802-3 | ieee-802-3a | ieee-802-3ab | ieee-802-3ae | ieee-802-3ak | ieee-802-3an | ieee-802-3aq | ieee-802-3e | ieee-802-3i | ieee-802-3j | ieee-802-3u | ieee-802-3y | ieee-802-3z>
  fiber   <g-pon | ieee-802-3ah | xgpon1>
  none 
  xdsl <adsl | adsl2 | adsl2Plus | g-hdsl | hdsl | hdsl2 | idsl | radsl | sdsl | vdsl>
  
  
% set addressContext <addressContext name> zone <zone name> sipTrunkGroup <sipTrunkGroup name> signaling nassImsAuth clfRealm  <1-128 chars>
  
  
% set addressContext <addressContext name> zone <zone name> sipTrunkGroup <sipTrunkGroup name> signaling nassImsAuth ueDefaultLocation <1-64 chars>
  
  
% set addressContext <addressContext name> diamNode <diameterNode name> realmRoute <realmRoute name> appId <e2 | rf | rx>

SBX-3281 ARP Probes for Link Failure Detection for SWe

The SBC SWe supports two levels of link detection for both standby and active Ethernet ports to monitor the health of the ports and to ensure the health of a standby port before initiating a switchover to it. By default, physical link detection is enabled on all ports configured in Link Monitor. This default mechanism checks for the presence of the cable and that the adjacent device is powered on. If hardware failures are detected they are reported to the SBC processes that monitor ports and a switchover can be triggered if the standby port is available.

A second level of link detection can be enabled that checks connectivity between a port and and a configured destination. The specific mechanism used to check the port depends on the whether the port is in an active or standby state. These probing mechanisms for link detection are available regardless of the number of ports attached to the SWe instance.

The current description for the probeOnStandby flag (under linkMonitor) is expanded to account for port redundancy as shown below. This description covers both SWe and non-SWe use of the option.

SBX-40513 Independent Crankback Control for Route list and 3XX contact list

Crankback functionality is triggered based on the presence, absence, or value of a SIP information element, for example, a proprietary header, parameter, or response code. This is provided by enhancing SMM capabilities. 

To invoke crankback functionality, SMM is enhanced to include a predefined SMM variable for crank-back invocation. The SMM variable is assigned to one of the predefined action values. To invoke crank-back functionality, the SMM rule is added so that "nextRouteActionOnCrankBack" is set to a predefined action value. Whenever the SMM rules are met, the SBC takes crankback action based on the action value. The user can assign value to this using SMM rules. 

The parameter nextRouteActionOnCrankBack is a predefined SMM operation parameter that configures crankback invocation for this feature. 

Under this parameter are two options, <actionType> and <generateAttemptRec>.

Under <actionType>, the options <none>, <SkipRemainingRoutes>, <DisconnectCall>, and <AttemptNextRoute> determine how crankback is performed. 

Under <generateAttemptRec>, the options <true> and <false> determine if the attempt record will be generated for crankback attempts. 

The nextRouteActionOnCrankBack SMM operation parameter is added. Under it are:

% set profiles signaling sipAdaptorProfile <profile name> rule <index> action <index> operation nextRouteActionOnCrankBack
  
% set profiles signaling sipAdaptorProfile <profile name> rule <index> action <index> message
  
% set profiles signaling sipAdaptorProfile <profile name> rule <index> action <index> message nextRouteActionOnCrankBack actionType < None | AttemptNextRoute | SkipRemainingRoutes | DisconnectCall>
  
% set profiles signaling sipAdaptorProfile <profile name> rule <index> action <index> message nextRouteActionOnCrankBack generateAttemptRec <true | false>

SBX-42524 and SBX-53799 Emergency Call Handling for the Roaming Users in S8HR Model

The S8 Home Routing (S8HR) uses the LTE S8 interface for transporting VoLTE traffic between the visited and home network as data traffic. The S8HR does not require IMS in the visited LTE network. In S8HR roaming architecture model of VoLTE, the Packet Data Network Gateway (PGW), Policy Charging and Rules Function (PCRF), and Proxy Call Session Control Function (P-CSCF) are in the Home Public Land Mobile Network (HPLMN) when the UE is roaming in a Visited Public Land Mobile Network (VPLMN). The S8HR roaming architecture provides all the IMS services to the UEs roaming in the VPLMN. In this scenario, the UE does not require any IMS network to network interface (NNI) between the VPLMN and HPLMN. A roaming user receives all the services of the home network in the S8HR model. In S8HR roaming model, the IMS/SIP/RTP traffic is tunneled back to the HPLMN like data traffic.

The visited S8HR user is authenticated using the GPRS-IMS-Bundled Authentication (GIBA) procedure and handles the emergency call. The flags s8hrSupport and gibaSupportForS8hrInboundUserare added to the SIP Trunk Group to support the emergency call handling for S8HR model.

To support the emergency call in S8HR model, execute the following command:

% set addressContext <addressContext> zone <zone> sipTrunkGroup <sipTrunkGroup> signaling s8hrSupport <disabled | enabled>

To configure the VPLMN  and HPLMN profiles, execute the following command:

% set profiles services
  hplmnProfile <profileName> hplmnId <plmn id>
  vplmnProfile <profileName> vplmnId <plmn id> emergencyPrefix <prefix id>

RFC-4103 and/or RFC-4351

The parameter generateRtcpForT140IfNotReceivedFromOtherLeg is added to packetServiceProfile rtcpOptions rtcp. When the parameter is set to enable, the SBC generates RTCP for T140 media streams if RTCP is not received from peer.

For more information, refer to the following pages:

• Packet Service Profile - CLI
• Show Status System
• Show Table System 

Command Syntax

To configure the parameter generateRtcpForT140IfNotReceivedFromOtherLeg, use the following syntax:

set profiles media packetServiceProfile <packetServiceProfile_name: INGRESS>
	rtcpOptions 
		rtcp <disable | enable> 
			generateRtcpForT140IfNotReceivedFromOtherLeg <disable | enable>

Command Parameters

SBX-62459 Support for Public-key-Based Peer Authentication Method for IPSec

The SBC is enhanced to support a Public Key-based peer authentication method for IPSec on SBC. In past releases, the SBC used a Preshared key-based authentication method for Peer authentication during IKE negotiation for establishing IKE and IPSec Security associations. To meet Common Criteria certification requirements, the SBC is now capable of using x.509 digital certificates for Peer authentication. Note: Not currently supported on SBC Cloud and D-SBC platforms.

For more information, refer to IPsec Peer - CLI.

Command Syntax

% set addressContext default ipsec peer <peerName> authType <psk | rsaSig>
% set addressContext default ipsec peer <peerName> localCertificate <sbcCertName>
% set addressContext default ipsec peer <peerName> remoteCertificate <peerCertName>
% set addressContext default ipsec peer <peerName> remoteCaCertificate <caCertName1>

Command Parameters

SBX-67554 LCQ CC/SIP Issue - Multiple Call Transfer - SIP Layer Stops Responding

The SBC is enhanced with the parameter maxNumTransfers under the object global signaling.

For more information, refer to Signaling - Global - CLI and Show Table Global.

Command Syntax

To configure maxNumTransfers, use the following syntax:

% set global signaling maxNumTransfers <10-100>

Command Parameters

Configuration Examples

To configure maxNumTransfers, use the following example:

% set global signaling maxNumTransfers 30

To display the maxNumTransfers, use the following example:

• In the "configure" mode:

  Code Block
  % show global signaling maxNumTransfers maxNumTransfers 30

  
  

• In the "display" mode (when you exit the "configure" mode):

  Code Block
  > show table global signaling maxNumTransfers 30; messageManipulation { inputAdapterProfile DD1; outputAdapterProfile DD1; } sipPeerOverloadControl { samplingPeriod 2; discardPeriod 2; stepDownGain 100; rejectThreshold 1; } sipSigControls { registrarSupportContactParam enabled; maxPduSizeValue pdusize15kb; }

  
  

SBX-68878 CDR for SIPREC Sessions

The SBC is enhanced to support a new parameter "Generate Recording CDR" to the OAM > Accounting > Admin. When the "Generate Recording CDR" parameter is enabled, the SBC generates a Recording-CDR. The selected CDR is placed in the .ACT files along with the other call and Event CDRs. All the file size and CDR count rules of the existing CDRs apply to the Recording CDRs. 

For more information, refer to Packet Service Profile - CLI.

Command Syntax

% set oam accounting admin generateSipRecordingCdr <disabled | enabled>

 Command Parameters

SBX-70465 STIR/SHAKEN: Option to Signal Verification Failures in Backward Provisional Responses

The ATIS specification defines an optional capability to signal verification failures in backward provisional responses. If a terminating carrier B fails verification for an originating carrier A subscribers, but continues to deliver the call to the carrier B called party, carrier A will have no way to know. The terminating carrier can use failed verification to indicate robocalling status to the called party. In this case, carrier A has no way to know that their subscribers' calls are being flagged as robocalls to the terminating party.

The capability described in the ATIS specification solves this issue if carrier A has tools in place to find these indications in the SIP messaging.

Trunk-group-level SIP cause value reporting should include counts for each unique case value transmitted. These statistics already exist for the Reason header transmitted at the end of the call; however, this would additionally count the cause values send in the 18x/200 for STIR/SHAKEN.

New STI Profile flag overWriteReasonCodeIn4xxto6xx added regarding 4xx-6xx handling.

For more information, refer to STI Profile - CLI.

Command Syntax

% set profiles services stiProfile <profile_name> overWriteReasonCodeIn4xxto6xx <disabled | enabled>

Command Parameters

SBX-70938 RTCP for T.140 Pass-through

A parameter, t140RtcpMonitorInterval, is added under mediaRTCPControl to define the RTCP monitoring interval. This enables the SBC to wait for an RTCP packet from peer before starting RTCP towards T.140 endpoint with the following PSP flag enabled.

% set system media mediaRtcpControl t140RtcpMonitorInterval 6
% set profiles media packetServiceProfile DEFAULT rtcpOptions generateRtcpForT140IfNotReceivedFromOtherLeg enable

Command Parameters

SBX-75174 - Generate or Replace SSRC Values for Calls Toward a Kandy Link WebRTC Gateway

The synchronization source (SSRC) identifier uniquely identifies media streams within an RTP session and is included in SDP signaling when establishing or modifying media sessions. The WebRTC specification requires that the SSRC value in an RTP stream match the SSRC sent in the SDP. However some endpoints, such as PSTN gateways, are not capable of generating SSRC values so they are not present in the SDP. Other endpoints change the SSRC during call hold/resume scenarios. The SBC provides two flag parameters to the Packet Service profile to determine whether the SBC generates and updates the SSRC and related attributes.

For more information, refer to Packet Service Profile - CLI.

Command Syntax

The SBC adds the following two flags to the Packet Service profile. 

% set profiles media packetServiceProfile <profile name> flags
      generateAndSignalSSRCAndCname <disabled | enabled>
      allowMidCallSSRCModification <disabled | enabled>

The SBC only allows mid-call modifications to the SSRC if it is generating the SSRC. Therefore, the first parameter, generateAndSignalSSRCAndCname, must be enabled for the second parameter, allowMidCallSSRCModification, to become available.

Command Parameters

SBX-75865 Alarm Generation when SBC Receives RCODE Except for 0

The rcodeErrorMonitorTimer parameter is added to the DNSGroup configuration to support monitoring timer interval which the SBC Core uses to monitor RCODE errors.

 For more information, refer to DNS Group - CLI

Command Syntax

% set addressContext <address_context_name> dnsGroup <dnsgroup> rcodeErrorMonitorTimer <rcode_error_monitor_timer>

Command Parameters

SBX-76436 - Increase CDR Retention with Compression

The SBC is enhanced to allow writing accounting files containing CDRs into a compressed format. The compressed files are retained for a user-specified time period; thereafter, they are automatically deleted after a specified number of days. The compressed files are stored in the evlog directory or another directory that you specify.

 For more information, refer to Event Log - CLI

Command Syntax

% set oam eventLog typeAdmin acct
    compressionSupport <both | none | only>
    compressionDaysToKeep <1 .. 7>
    compressionCleanupDirectory

Command Parameters

SBX-76610 Selection Feature for ARS Recovery Algorithm

The following is the full syntax to create a SIP ARS profile, including the new recoveryAlgForTimeouts and recoveryAlgForNoRetryAfter options and their parameters for selecting the ARS recovery algorithm for each blacklist algorithm.

For more information, refer to SIP ARS Profile - CLI.

Command Syntax

 set profiles services sipArsProfile <Profile Name> recoveryAlgForTimeouts < probe | timer | none >

 set profiles services sipArsProfile <Profile Name> recoveryAlgForNoRetryAfter < probe | timer | none >

% set profiles services sipArsProfile <profile name>
   blkListAlgRetryAfterType sip-503
   blkListAlgTimeoutsDuration <1-3600>
   blkListAlgTimeoutsNumTimeouts <1-3600>
   blkListAlgTimeoutsType sip-invite
   blkListAlgorithms <retryafter | timeouts | noRetryAfer>
   blkListAlgNoRetryAfterNum503 <1-3600>
   blkListAlgNoRetryAfterDuration <1-3600>
   failureResponseCodes <400-699 | all |all4xx | all5xx | all6xx>
   midDialogArsScreenLevel <always | never | onlyIfNotBlackListDueto503>
   recoveryAlgProbeDuration <1-3600>
   recoveryAlgProbeInterval <1-600>
   recoveryAlgProbeMethod sip-options
   recoveryAlgProbeNumResponses <1-32>
   recoveryAlgTimerDuration <1-3600>
   recoveryAlgorithm <probe|timer>
   recoveryAlgForTimeouts <probe|timer|none>
   recoveryAlgForNoRetryAfter <probe|timer|none>

Command Parameters

SBX-85716  Re-initiate Pre-condition Negotiation Towards Ingress

Two new parameters are added to SIP trunk group signaling and are shown in the context of the complete command syntax.

• performPrecondtionRenegotiation: to re-initiate precondition procedure when the 

  Spacevars
  0 product

  changes the ingress side SDP due to 18x/200 OK or UPDATE received from the egress side.
• preferUPDATEOverReINVITE: to use UPDATE instead of Re-INVITE on the ingress to communicate SDP, when the call goes to the confirmed state.

For more information, refer to:

• SIP Trunk Group - Signaling - CLI
• SIP TG - Signaling - Prefer UPDATE Over ReINVITE - CLI
• SIP TG - Signaling - Perform Precondtion Renegotiation - CLI

Command Syntax

% set addressContext default zone <zone_name> sipTrunkGroup <siptrunkgroup_name> signaling preferUPDATEOverReINVITE <enabled | disabled>

% set addressContext default zone <zone_name> sipTrunkGroup <siptrunkgroup_ingress_name> signaling performPrecondtionRenegotiation 
<enabled | disabled>

Command Parameters

SBX-86008 Cloud SBC Avalanche Fault - Detection and Control

Packets that cause a direct SBC fault can lead to a catastrophic failure of an SBC service, which is known as a packet-stimulated fault avalanche. These packets appear for various reasons, such as: the SBC adds a new Session Initiation Protocol (SIP) endpoint, upgrades or replaces a peering endpoint or gateway (GW), changes a configuration on a peer, or introduces a new call scenario. The SBC does not currently check for double faults, which is when the SBC has a failover and then another failover. Double faults cause call loss.

For more information, refer to  CLI Configure Mode.

Command Syntax

Use the following command to set and configure the faultAvalancheControl parameter.

% set system faultAvalancheControl callIdThreshold <0-999> calledPartyThreshold <0-999> callingNCalledPartyThreshold <0-999> callingPartyThreshold <0-999> sourceIpThreshold <0-999> faultRecAgeingTimeOut <15-60>

Use the following command to enable or disable the faultAvalancheControl parameter.

% set system faultAvalancheControl facState <disabled | enabled>

Command Parameters

SBX-86658 Offer-Answer Timer Configuration

In specific call scenarios, the SBC treats the Offer-Answer (OA) as a MODIFY Offer-Answer cycle, but the peer treats it as an INITIAL Offer-Answer cycle. According to RFC 3261, the response from the peer is expected within 300 seconds. The SBC, however, assumes a 20-second response, and therefore any delay in the response from the peer which exceeds of 20 seconds causes call failure.

Currently, the internal Offer-Answer (OA) timer value is fixed and cannot be configured. To overcome this limitation, the SBC is enhanced with a new parameter offerAnswerTimer to configure this OA timer.

For more information, refer to Signaling - Global - CLI

Command Syntax

% set global signaling sipSigControls offerAnswerTimer 
Possible completions:
<Enter offer answer timer value in range of (10..300) in seconds.> (20):

Command Parameters

SBX-86789 SBC Should Create TLS Connection Based on Contact Header

The SBC provides the following new SIP trunk group parameter to specify whether to use the Contact header information instead of the source IP address when routing a call to an access user over TLS transport. 

For more information, refer to SIP Trunk Group - Signaling - CLI

Command Syntax

Command Parameters

SBX-87239 Response Code Change When SBC Fails a DNS Query 

 When the SBC fails a DNS query, it generates a 503 or 500 error response. These error codes are now mapped to a configurable response code. A new enum - DnsRcodeError - has been added to internalCause in sonusSipInternalCauseMapProfile.yang to provide mapping entry in existing InternalSipCauseMapProfile profile.

For more information, refer to Show Table Global. and Internal SIP Cause Map Profile - CLI.

Command Syntax

% set profiles signaling sipCauseCodeMapping internalSipCauseMapProfile <profile_name> causeMap <CPC cause value> DnsRcodeError

Command Parameters

SBX-88542 Prefix-based TG Selection using SMM

The SBC adds support for using  SIP Message Manipulation (SMM) to enable secondary selection of an ingress trunk group. This processing requires two new SMM operations and SIP Param Based Action profiles.

For more information, refer to SIP Adaptor Profile - CLI.

Command Syntax

The following new operations are supported in SMM sipAdaptorProfiles.

%  set profiles signaling sipAdaptorProfile <profileName> rule <rule index> action <action index> operation 
        storeSipParam
        storeProfileName

The SIP Param Based Action profile is supported.

%   set profiles signaling sipParamBasedActionProfile <profileName> 
          action <none | selectTG>
          entry <0 to 2056>
             trunkGroupName <trunk group name>
             matchType 
               full 
                 param <parameter value>
               none
               range 
                 rangeEnd <end of parameter range>
                 rangeStart <start of parameter range>
               regexp
                 paramRegexp <regular expression>

Command Parameters

The following table describes the new SMM operations.

The following table describes the parameters in the sipParamBasedActionProfile.

SBX-88601 SMM: Support Global Configuration

The SBC adds support for applying SIP message manipulation (SMM) profiles (SIP adaptor profiles) at both the global and address context levels and options that control how to execute profiles when they are specified at more than one level.

For more information, refer to Signaling - Global - CLI.

Command Syntax

Global

The following new options specify the names of SIP adaptor profiles to apply at the global level.

% set global signaling messageManipulation
      inputAdapterProfile <profile name>
      outputAdapterProfile <profile name>

Address Context

The following new options specify the names of SIP adaptor profiles to apply to sessions within a specified address context..

% set addressContext <address context> signaling messageManipulation
      inputAdapterProfile <profile name>
      outputAdapterProfile <profile name>

SIP Trunk Group

The following new options specify whether or not to use fixed order execution when multiple SMM profiles apply to a session. When fixed order execution is enabled, you can also specify which of the four profile types to enable and therefore include in SMM processing.

% set addressContext <address context>  zone <zone> sipTrunkGroup <trunk group name> signaling messageManipulation smmProfileExecution 
      none
      fixedOrder 
         addressContext acState <disable | enable>
         global globalState <disable | enable> 
         iptg iptgState <disable | enable>  
         zone zoneState <disable | enable>     

Command Parameters

Global

Address Context

SIP Trunk Group

SBX-70005 Relay Changes in PAID as per RFC-5876

A new Services profile, sipAdaptiveTransparencyProfile, is added to configure SIP header transparency for P-ASSERTED-IDENTITY.

For more information, refer to SIP Adaptive Transparency Profile - CLI.

Under sipAdaptiveTransparencyProfile, the following parameters are added:

• sipMethod
• sipResponse
• state
• triggerHeader
• action
• trigger

Command Syntax

% set profiles services
	sipAdaptiveTransparencyProfile <profile_name>
		sipMethod <UPDATE | INVITE>
		sipResponse <180 | 183 | 200>
		state <disabled | enabled>
		triggerHeader <P-ASSERTED-ID>
			action new-value
			trigger value-change

Command Parameters

sipMethod

SBX-85818 + SBX-85655 Support for SIP-ISUP

The CLI changes are as follows:

• The following profiles are added under the object profiles signaling:
  • calledPrefixMatchProfile
  • carrierCodeToIoiMappingProfile
  • ioiToCarrierCodeMappingProfile
  • sipJJ9030InterworkingProfile
    For information on the parameters associated with each of the profiles, see the sub-section Command Syntax.
• The following parameter is added under the object profiles signaling NNIProfile:
  • contractorNumInterworking
• The following profiles are added under the object addressContext zone sipTrunkGroup signaling:
  • calledPrefixMatchProfile
  • sipJJ9030InterworkingProfile

For more information, refer to the following pages:

• Called Prefix Match Profile - CLI
• Carrier Code to Ioi Mapping Profile - CLI
• Ioi to Carrier Code Mapping Profile - CLI
• SIP JJ9030Interworking Profile - CLI
• NNI Profile - CLI
• SIP TG - Signaling - Called Prefix Match Profile - CLI (Duplicate of Called Prefix Match Profile - CLI)
• SIP TG - Signaling - SIP JJ9030Interworking Profile - CLI (Duplicate of SIP JJ9030Interworking Profile - CLI)
• Show Table Profiles - Signaling

Command Syntax

To configure the signaling profile calledPrefixMatchProfile, use the following syntax:

% set profiles signaling
	calledPrefixMatchProfile <called_prefix_match_profile_name: 1-23 characters>
		prefixMatch 
			<stringPattern: 1-12 digits, 'X' or 'x' characters>
			<startPosition: 0-11>
			<digitLength: 1-30>

To configure the signaling profile carrierCodeToIoiMappingProfile, use the following syntax:

% set profiles signaling
	carrierCodeToIoiMappingProfile <carrier_code: 4 digits [0-9]>
		accessParam <class | type>
		accessValue <access_value_string: 1-64 characters>
		ioi <inter_operator_identifier_string: 1-128 characters>

To configure the signaling profile ioiToCarrierCodeMappingProfile, use the following syntax:

% set profiles signaling
	ioiToCarrierCodeMappingProfile <inter_operator_identifier_string: 1-128 characters>
		carrierCode <carrier_code: 4 digits [0-9]>

To configure the signaling profile sipJJ9030InterworkingProfile, use the following syntax:

% set profiles signaling
	sipJJ9030InterworkingProfile <sip_JJ9030_Interworking_Profile_name: 1-23 characters>
		addUserEqualPhoneforDivHiInterworking <disabled | enabled>
		bciCalledPartyCategory <noIndication | ordinary | payphone | spare>
		bciChargeIndicator <charge | noCharge | noIndication | spare>
		bciTerminatingIsdnAccess <isdn | nonIsdn>
		chargeAreaInformation <charge_area: 5 digits [0-9]>
		origIoi <originating_inter_operator_identifier_string: 1-128 characters>
		originatingCarrierCode <originating_carrier_code: 4 digits [0-9]>
		setHiPresentationRestricted <disabled | enabled>
		sipFlavor
			JJ9030
			SIP-T
			SIP-ttc-charging-params
		termIoi <terminating_inter_operator_identifier_string: 1-128 characters>

To configure the parameter contractorNumInterworking under the profile NNIProfile, use the following syntax:

% set profiles signaling NNIProfile <nni_profile_name>
	contractorNumInterworking <disabled | enabled>

To attach the signaling profiles calledPrefixMatchProfile and sipJJ9030InterworkingProfile with sipTrunkGroup, use the following syntax:

% set addressContext <address_context_name> zone <zone_name> sipTrunkGroup <SIP_TG_name> signaling
	calledPrefixMatchProfile <called_prefix_match_profile_name>
	sipJJ9030InterworkingProfile <sip_JJ9030_interworking_profile_name>

Command Parameters

The parameter descriptions for profiles signaling calledPrefixMatchProfile are as follows:

The parameter descriptions for profiles signaling carrierCodeToIoiMappingProfile are as follows:

The parameter descriptions for profiles signaling ioiToCarrierCodeMappingProfile are as follows:

The parameter descriptions for profiles signaling sipJJ9030InterworkingProfile are as follows:

The descriptions for new parameters under profiles signaling NNIProfile are as follows:

The descriptions for new parameters under addressContext zone sipTrunkGroup signaling are as follows:

To configure the flag gibaSupportForS8hrInboundUser, execute the following command:

% set addressContext <addressContext> zone <zone> sipTrunkGroup <sipTrunkGroup> signaling gibaSupportForS8hrInboundUser <disabled | enabled>

To attach the hplmnProfile to the SIP Trunk Group, execute the following command:

% set addressContext <addressContext> zone <zone> sipTrunkGroup <sipTrunkGroup> services hplmnProfile <hplmnProfile>

To attach the vplmnProfile to the SIP Trunk Group, execute the following command:

 % set addressContext <addressContext> zone <zone> sipTrunkGroup <sipTrunkGroup> services vplmnProfile <vplmnProfile>

The following parameters are added to the sipActiveRegisterNameStatus:

• ueRoamingType
• mobileCountryCode
• mobileNetworkCode

The following attributes are added to the sipCurrentStatistics and sipIntervalStatistics parameters:

S8HR User Roaming in Visited Network

• totNumOfS8hrOutbndReg
• numOfS8hrOutbndRegSuc
• numOfS8hrOutbndRegFail
• totNumOfS8hrOutbndNormalCall
• numOfS8hrOutbndNormalCallSuc
• numOfS8hrOutbndNormalCallFail
• numOfS8hrOutbndEmgCallRej

S8HR User Roaming in Home Network

• numOfS8hrInboundRegSuc
• numOfS8hrInboundRegFail
• numOfS8hrInboundEmgCallSuc
• numOfS8hrInboundEmgCallFail

SBX-49335 MRF Based Transcoding Support for T.140 Text

Previously, the SBC invoked Media Resource Function (MRF) only for audio streams to achieve transcoding. Non-audio streams were relayed end-to-end even when the audio was sent to MRF.

Teletype (TTY) is the legacy service offered through encoding text characters as tones that are embedded in a carrier (PCMU, PCMA, or EVRC) media stream. The T.140 streams carry text as a separate payload.

With this feature, the SBC invokes MRF for T.140 and TTY interworking to achieve transcoding (see the following call flow). When T.140 and TTY interwork, text characters exchange between the T.140 stream and the tones carried inband with the audio.

This feature modifies the callDetailStatus parameter by enhancing the mediaTypeStream<X> statistic to transcode for text streams when the SBC invokes MRF for T.140 and TTY interworking.

SBX-51244 SBC SWe and SWe Cloud CLI Support for Configuring Provisioning Limits

The SBC SWe and SBC SWe Cloud are enhanced to provide the configuration provisioning support using CLI and EMA. The provisioning limits can be configured based on the available RAM capacity. To achieve this functionality, the table sweConfigProfileSelection is configured under system.

The SBC supports following two configuration profiles to configure the provisioning limits:

• small: applicable to the VM RAM >=10 GiB
• large: applicable to the VM RAM >=18 GiB

% set system sweConfigProfileSelection name <small | large>

SBX-51324 Fax Transmissions Cannot Perform with T.38 Relay Mode when Trunk Group is T.38FallbackToG711 and use Voice Codec is G.711

The media codecEntry configuration for G.711 adds the honorToneDetection flag in the fax and modem parameters.

% set profiles media codecEntry <codecEntryName> codec g711 fax honorToneDetection <disable | enable>

% set profiles media codecEntry <codecEntryName> codec g711 modem honorToneDetection <disable | enable>

SBX-51327 SIP Requests Max-Forwards Header

A new Flag rfc7332ValidateMaxForwards is added in SipTrunkGroup signaling configuration in INGRESS side.

The default value for rfc7332ValidateMaxForwards is disable. If rfc7332ValidateMaxForwards is enabled, the SBC will use the Max-Forwards header value received from the end-user, and decrements this header value by 1 before forwarding it to the other end-user. If the value received from the end-user is 0 or 1, the SBC will discard that request with an error response of "483 - Too Many Hops."

% set addressContext <addressContext -name> zone <zone -name>  sipTrunkGroup < TG- name> signaling rfc7332ValidateMaxForwards <disable | enable>

SBX-52875 b=AS Support for AMR/AMR-WB/EVS

The sipTrunkGroup media configuration adds appSpecificBandwidth.

% set addressContext <addressContext name> zone <zone name> sipTrunkGroup <sipTrunkGroup name> media appSpecificBandwidth <disabled | enabled>

SBX-56400 VZW GETS - egress DSCP marking for SIP signaling

The hpcCallProfile configuration adds the dscpValue parameter.

% set profiles services hpcCallProfile <hpcCallProfile name> dscpValue <X>

SBX-59457/SBX-64007/SBX-58494 Robust Rsyslog Implementation for At-scale CDR and TRC file transport

The SBC supports Rsyslog as a method of sending event messages to a syslog server. It now has enhanced Rsyslog service with a number of new features:

• Spooling to reduce message loss. In the event that the connection is down to the syslog Server, support to spool log entries locally is used to reduce message loss for all log types.
• Adding future support to broadcast to multiple syslog servers
• Support sending additional Linux logs to syslog servers
  

  • Allow new configuration to specify which /var/log/ files to transfer over syslog

  • Allow a mechanism to capture Linux session console logs and transfer via syslog

• Introduce IPv4/IPv6 validation to the Rsyslog Remote Host fields

> show table oam eventLog platformRsyslog
 
% set oam eventLog platformRsyslog servers server<no> remoteHost<host_ip> protocolType<protocol> port <port>

> show configuration oam eventLog platformRsyslog

% set oam eventLog platformRsyslog syslogState <disabled | enabled>
 

SBX-60609 Hyperthreading support on SWe

New hyperthreading support affects various table options, parameters, and profiles in:

• sweTrafficProfiles
• sweActiveProfile
• show table system

SBX-61552 JITC - Need to use cryptographic mechanisms to protect audit information at rest

JITC requires the audit (.AUD) and security (.SEC) logs to be cryptographically protected. Since both logs are required to be hashed, this functionality is extended to support the hashing of all Event Logs on the SBC.

> show table system security hashEventLogs
 
> show configuration system security hashEventLogs

% request system security eventLogValidation generateDefaultKeys

% request system security eventLogValidation showPublicKey <default/user>

% request system security eventLogValidation setUserPrivateKey <uniqueUserPrivateKeyName> <userPrivateKey>

% request system security eventLogValidation deleteUserPrivateKey

SBX-61963 SIP Response Code Statistics

The SBC can be configured to provide counts of the number of times different SIP responses codes are either sent or received during a statistics interval. Statistics of this type can provide insight into call-related or registration-related failures within the network. You can enable collection of current and interval SIP response code statistics on specific SIP trunk groups or IP peers. By default collecting SIP response code statistics is disabled on SIP trunk groups and IP peers.  

When enabled, the statistics are stored in the following four tables. Refer to Interval Statistics - CLI for information on the parameters that control collection of interval statistics.

• sipTrunkGroupResponseCurrentStatistics
• sipTrunkGroupResponseIntervalStatistics
• sipIpPeerResponseCurrentStatistics
• sipIpPeerResponseIntervalStatistics

In addition to identifying the specific trunk group or IP peer to which they apply, entries in the table include:

• direction (either SENT or RECEIVED)
• response code number (one of the standard SIP response codes such as 100, 180, 200)
• response count (The number of instances of the specified response code in the specified direction)

Two new flags are added, one within IP peer and one within trunk group configuration, to enable collecting SIP response code statistics on specific objects of that type.

% set addressContext <acName> zone <zoneName> ipPeer <ipPeerName> sipResponseCodeStats <enabled|disabled>
% set addressContext <acName> zone <zoneName> id <zoneId> sipTrunkGroup <tgName> sipResponseCodeStats <enabled|disabled>

SBX-61999 SIPREC RFC Compliance Support for Dynamically Programmable Metadata Content

The SBC supports SIPREC when the SIPREC specifications were in early drafts (draft-ietf-siprec-xx-06). With the implementation of this feature, the SIPREC standard has evolved to RFCs (RFC 7245, RFC 7865, RFC 7866, and RFC 8068), and provides capability for supporting "dynamically programmable" selection of metadata content.

The profile sipRecMetaDataProfile is introduced to the services to provide the capability to configure the headers that are mapped from the target call leg to the XML and the corresponding metadata XML element name.
In case of a basic call, all information is copied from the initial-INVITE message on the leg where the tap is, to the metadata XML. However, "To" header and "to-tag" is copied additionally from the local information (as to-tag does not present in the INVITE).
In case of SIPREC trigger during REFER based transfer, irrespective of where the SIPREC tap is, all information is copied from the initial-INVITE of the new call leg towards the transfer target (C party).
In case of CLI triggered recording, the existing implementation of sending predefined information in metadata XML remains same (gcid, call-id, from, to). The new configuration of header-metadata mapping is not considered in this scenario.

The profile sipRecMetadataProfile is added to the SRS Trunk Group to configure the metadata format.

The following parameters are added to the profile sipRecMetadataProfile:

• version
• sipHeader
  • sipToXmlTagName
• state

% set profiles services sipRecMetadataProfile <sipRecMetadataProfile>

SBX-62052 Enhancement to Capture Decrypted Signaling

The SBC, which continuously captures encrypted signaling packets of SIP over TLS at layer 2, has been enhanced to to capture decrypted signaling packets as well.

The SIP PDUs (Protocol Data Units) are captured at the application layer and continuously streamed to the monitoring server. Configurable Headers are included in SIP PDUs to enable the monitoring server to decode SIP signaling properly. Headers have source and destination IP address/Port information along with additional information which is configurable – this information is needed by the monitoring server in order to correlate the stream received.

The packet is captured at ingress leg without SMM applied and with SMM applied on egress leg, which is essentially what is being sent on the wire. To lessen performance impact, all socket-management activities to the monitoring server use a separate SIPSM (SIP Signaling Monitor ) process receives all signaling packets from the SIP Signaling Gateway (SIPSG) and streams to the configurable external monitoring server either over UDP or TCP.

A profile attached to the signaling port is a trigger for this feature. All feature-related configuration can be set in this profile.

The CLI adds a Monitoring Profile to configure monitoring server, filters, header names and select from the fixed set of information. 

% set profiles services monitoringProfile <monitoring profile name>

SBX-62097 SRTP Support for SIPREC Towards SRS

The SBC is enhanced to support sending encrypted media streams (Secure Real-Time Transport Protocol (SRTP)) towards the SIPREC recorders.

The following parameters are added to the SRS Group Data to support whether the Secure Real-Time Transport Protocol (SRTP) is enabled for the call or not. The cryptoSuiteProfile is an existing parameter. The parameter cryptoSuiteProfile is configured under profile and security and can be attached to the SRS Group Data.

• srtp
• cryptoSuiteProfile

% set global servers srsGroupProfile <srsGroupProfile> srsGroupData <priority index>
 srtp <disable | enable>
  cryptoSuiteProfile <cryptoSuiteProfile>

SBX-62422 Remove Default Passwords and Support Two Privilege Levels With Key Injection

The Ribbon SBC is enhanced to secure management of user accounts and passwords on its OpenStack versions. Default passwords have been eliminated in favor of injected credentials. SSH keys for users linuxadmin and admin are now pushed using the User Data section of the HEAT template.

Because the sftpadmin account is deleted, the associated CLI is also removed.

SBX-62769 LCQ To Header Transparency flag on PSX is also affecting RURI Transparency

This feature implementation globalizes the Request-URI. Currently, when the To-Header Transparency flag is set, it is also sending the Request-URI transparently even when the globalization flag is enabled. When set, the To-Header Transparency should not send the called number in the Request-URI locally. Request-URI globalization should be independent of the To-Header Transparency.

For this feature, Request-URI is globalized when globalization for the called number is enabled and if the To-Header Transparency flag is enabled, Request-URI called number will not be transmitted transparently to the egress leg. To-Header transparency flag will not affect Request-URI globalization.

Enables flag to transparently copy the Request URI from the incoming message to the outgoing message for INVITE, REGISTER, SUBSCRIBE/NOTIFY. Provision this flag on the egress leg (with respect to the message direction).

% set profiles signaling ipSignalingProfile <profile_name> commonIpAttributes transparencyFlags requestURI

SBX-64339 Need Control to Disable Sending eDNS OPT Record in ENUM Query by ERE

The enumDomainName forwardersData configuration adds the eDNSType flag and eDNSBufferSize parameter. The servers lwresdProfile configuration adds the eDnsGlobalBufferSize and eDnsMonitorInterval parameters.

SBX-65796 Need ENUM Queries to use the SIP Signaling Interface on the SBC

The SBC uses the signaling interface to send ENUM queries, in addition to sending ENUM queries from the management interface. ENUM queries are properly marked, and packets from the signaling interface receive higher priority, when ENUM queries are sent through the signaling interface.

The signalingIp parameter is added to the type field of the servers lwresdProfile configuration. Set the servers lwresdProfile type to signalingIp to send the ENUM queries through the signaling interface using the sipSigPort IP address. The signaling interface uses port 988 to send and receive the queries.

When lwresdProfile type is configured as signalingIp, configure the addressContext, zone, sipSigPort, and ipInterfaceGroupName parameters with the correct combinations as configured during sipSigPort.

• The addressContext updates the staticRoute for the ENUM server, and this configuration includes the <pkt0 ip> parameter.
• The servers lwresdProfile type configuration adds the signalingIp parameter. The signalingIp includes the addressContext, zone, sipSigPort, and ipInterfaceGroupName parameters.
• The lwresdProfile can attach the enumArsProfileId. Configure this profile ID for black listing and white listing in the enumArsProfile, which is added to the global servers configuration.

SBX-66074 Registration Statistics per Domain

A new parameter, sipRegCountDomainStats, is added and can be used with both show status and show table commands. An address context must be specified and specifying a domain is optional. If a specific domain is not specified the command returns per-domain statistics for up to 256 domains. The command returns no data if there are no domain names found.

show status addressContext <AC_Name> sipRegCountDomainStats <DomainName>

show table addressContext <AC_Name> sipRegCountDomainStats <DomainName>

The following existing CLI command is extended to also reset the cumulative domain-based statistics (countAttempt, countCumCompletion, emergAcceptTotal) for all domains:

request addressContext <AC_Name> sipRegCountReset

> show status addressContext <AC_Name> sipRegCountDomainStats <DomainName>
    countAttempts
    countCumCompletions
    countPending
    countStable
    countTotal
    emergAcceptTotal
    emergActiveTotal
 
> show table addressContext <AC_Name> sipRegCountDomainStats <DomainName>
    countAttempts
    countCumCompletions
    countPending
    countStable
    countTotal
    emergAcceptTotal
    emergActiveTotal

SBX-67977 Enhance Privacy Info for User and ID

With the implementation of this feature, the SBC is enhanced to support:

• The privacy handling on the "P-Asserted-Id (PAI)" header when the "privacy: id" is received and applies this privacy handling on the "From" header when "privacy: user" is received.
• The new privacy profile configuration to apply privacy services independently on each leg.

• Remove any non-essential headers that are added by the user agent, including the Subject, Call-Info, Organization, User-Agent, Reply-To, and In-Reply-To.

To configure this feature, the privacyProfile is added to the services.

The following flags are added to the privacyProfile:

• applyPrivacyId
• applyPrivacyUser
• passThruPrivacyInfo
• supportPrivacyId
• supportPrivacyUser

Deprecated CLI