Use this sample configuration to configure your SLB-SBC setup on GCP.
Use the same configuration on all SBCs which communicate to a particular SLB.
Steps:
When configuring the ipAddress
on the SBC, you must use the IP address for the HFE interface that front-ends the PKT port used for SLB communication.
Configure SLB on GCP HFE2.1
set addressContext default ipInterfaceGroup LIG1 ipInterface LIF1 ceName vsbcSystem portName pkt0 ipVarV4 IF2.IPV4 ipPublicVarV4 HFE_IF2.FIPV4 prefixVarV4 IF2.PrefixV4 commit set addressContext default ipInterfaceGroup LIG1 ipInterface LIF1 mode inService state enable commit set addressContext default ipInterfaceGroup LIG2 ipInterface LIF2 ceName vsbcSystem portName pkt1 ipVarV4 IF3.IPV4 ipPublicVarV4 HFE_IF3.FIPV4 prefixVarV4 IF3.PrefixV4 commit set addressContext default ipInterfaceGroup LIG2 ipInterface LIF2 mode inService state enable commit set addressContext default zone ZONE_IN id 2 commit set addressContext default zone ZONE_IN id 2 sipSigPort 2 ipInterfaceGroupName LIG1 ipVarV4 IF2.IPV4 ipPublicVarV4 HFE_IF2.FIPV4 portNumber 5060 state enabled mode inService transportProtocolsAllowed sip-tls-tcp,sip-tcp,sip-udp commit set addressContext default zone ZONE_OUT id 3 commit set addressContext default zone ZONE_OUT id 3 sipSigPort 3 ipInterfaceGroupName LIG2 ipVarV4 IF3.IPV4 ipPublicVarV4 HFE_IF3.FIPV4 portNumber 5060 state enabled mode inService transportProtocolsAllowed sip-udp,sip-tcp,sip-tls-tcp commit set system slb commInterface addressContext default ipInterfaceGroup LIG2 pktIpVar IF3.IPV4 commit set addressContext default staticRoute 10.0.98.1 32 0.0.0.0 LIG1 LIF1 preference 100 commit set addressContext default staticRoute 0.0.0.0 0 10.0.98.1 LIG1 LIF1 preference 100 commit set addressContext default staticRoute 10.0.98.0 24 10.0.98.1 LIG1 LIF1 preference 100 commit ##Egress## set addressContext default staticRoute 10.0.99.1 32 0.0.0.0 LIG2 LIF2 preference 100 commit set addressContext default staticRoute 0.0.0.0 0 10.0.99.1 LIG2 LIF2 preference 100 commit set addressContext default staticRoute 10.0.99.0 24 10.0.99.1 LIG2 LIF2 preference 100 commit set addressContext default staticRoute 10.54.27.128 32 10.0.99.1 LIG2 LIF2 preference 100 commit command
Configure ACLs on SLB
The Bucket Size value is insignificant if the Fill Rate value is unlimited. If the ACL rules with action = discard, the Fill Rate and the Bucket Size values are irrelevant, and the packets are dropped based on the Type, IP address, or Port. The Fill Rate and the Bucket Size parameters do not play any role since the policer portion of an ACL is only applicable for the "accept" action and is ignored with the "discard" action since all the packets are already discarded by the criteria.
set addressContext default ipAccessControlList rule 1 state enabled fillRate unlimited bucketSize unlimited protocol udp destIpAddress IF3.IPv4 precedence 1 destIpAddressPrefixLength 32 set addressContext default ipAccessControlList rule 2 state enabled fillRate unlimited bucketSize unlimited protocol tcp destIpAddress IF3.IPV4 precedence 2 destIpAddressPrefixLength 32 set addressContext default ipAccessControlList rule 3 state enabled fillRate unlimited bucketSize unlimited protocol tcp destIpAddress <slb commInterface IP> precedence 3 destIpAddressPrefixLength 32
Configure SBC SWe for SLB
set system slb usage enabled com set addressContext default ipInterfaceGroup LIG1 ipInterface LIF1 portName pkt0 ipVarV4 IF2.IPV4 ipPublicVarV4 HFE_IF2.FIPV4 prefixVarV4 IF2.PrefixV4 state enabled mode inService commit set addressContext default ipInterfaceGroup LIG2 ipInterface LIF2 portName pkt1 ipVarV4 IF3.IPV4 ipPublicVarV4 HFE_IF3.FIPV4 prefixVarV4 IF3.PrefixV4 state enabled mode inService commit set addressContext default zone ZONE_IN id 2 commit set addressContext default zone ZONE_IN sipSigPort 2 commit set addressContext default zone ZONE_OUT id 3 commit set addressContext default zone ZONE_OUT sipSigPort 3 commit set addressContext default zone ZONE_IN sipTrunkGroup SIP_INGRESS_TG mode inService state enabled media mediaIpInterfaceGroupName LIG1 commit set addressContext default zone ZONE_IN sipTrunkGroup SIP_INGRESS_TG ingressIpPrefix 15.236.100.145 32 commit set addressContext default zone ZONE_OUT sipTrunkGroup SIP_EGRESS_TG mode inService state enabled media mediaIpInterfaceGroupName LIG2 commit set addressContext default zone ZONE_OUT ipPeer EGRESS_PEER ipAddress 10.10.4.11 ipPort 4020 commit set global callRouting routingLabel CLOUD routingLabelRoute 0 ipPeer EGRESS_PEER trunkGroup SIP_EGRESS_TG inService inService commit set global callRouting route trunkGroup SIP_INGRESS_TG VSBCSYSTEM standard 888 1 all all ALL none Sonus_NULL routingLabel CLOUD commit set addressContext default zone ZONE_IN sipTrunkGroup SIP_INGRESS_TG signaling timers sessionKeepalive 0 commit set addressContext default zone ZONE_OUT sipTrunkGroup SIP_EGRESS_TG signaling timers sessionKeepalive 0 commit set system media mediaPeerInactivity inactivityTimeout 20 commit #SLB #Set slbAddress IP to HFE's IP associated with SLB's interface on which the SLB is listening for connection from the SBCs #Example: SLB listening on pkt1 interface - this IP should be HFE's IP associated with pkt1 set system slb usage enabled commit set system slb slbAddress SLBGCP ipAddress 10.54.27.16 commit set addressContext default zone ZONE_IN id 2 sipSigPort 2 slbName SLBGCP commit set addressContext default zone ZONE_OUT id 3 sipSigPort 3 slbName SLBGCP commit set system slb commInterface addressContext default ipInterfaceGroup LIG2 pktIpVar IF3.IPV4 commit set addressContext default staticRoute 10.0.98.1 32 0.0.0.0 LIG1 LIF1 preference 100 commit set addressContext default staticRoute 0.0.0.0 0 10.0.98.1 LIG1 LIF1 preference 100 commit set addressContext default staticRoute 10.0.98.0 24 10.0.98.1 LIG1 LIF1 preference 100 commit ##Egress## set addressContext default staticRoute 10.0.99.1 32 0.0.0.0 LIG2 LIF2 preference 100 commit set addressContext default staticRoute 0.0.0.0 0 10.0.99.1 LIG2 LIF2 preference 100 commit set addressContext default staticRoute 10.0.99.0 24 10.0.99.1 LIG2 LIF2 preference 100 commit set addressContext default staticRoute 10.54.27.16 32 10.0.99.1 LIG2 LIF2 preference 100 commit set addressContext default staticRoute 10.54.27.29 32 10.0.99.1 LIG2 LIF2 LIF2 preference 100 commit set addressContext default staticRoute staticRoute 104.197.76.103 32 10.0.98.1 LIG1 LIF1 preference 100