Table of Contents

About SBC Release Notes

This document describes new features, the latest hardware and software requirements, known limitations and other pertinent release information for the latest release of SBC Core.

Please note that all Ribbon bugs reported by customers on a given software release will be fixed in the latest release on that software release branch.

To view and download the latest End of Product Sale (EoPS) and other End Of Life (EOL) notices, navigate to the Resource Library on the corporate website (https://ribboncommunications.com/company/get-help/resource-library).

Related Documentation

The SBC Core 07.02.xx documentation is located at the following Wiki space: SBC Core 7.2.x Documentation.

Release Notes Use and Distribution

Ribbon Release Notes are protected under the copyright laws of the United States of America. This work contains proprietary information of Ribbon Communications, Westford, MA-01886, USA. Use, disclosure, or reproduction in any form is strictly prohibited without prior authorization from Ribbon Communications.

Associated Ribbon Bulletins

The following Ribbon Bulletins are referenced in this release note:

  • Warning-18-00028230: Call failure during LSWU when upgrading 5.x release to 6.2.1 or higher (VMWare or KVM) with 10 or more vCPUs configured.
  • Warning-17-00022847: The DNS configuration parameters within the address contexts may cause certain configurations to fail during an upgrade
  • Warning-17-00022689: Duplicate Trunk Group or Zone names can cause unexpected behavior
  • Warning-14-00020748: Verify system and databases are fully in sync prior to Live Software Upgrade (LSWU)
  • Bulletin-18-00028529: The System Security Intrusion Detection AIDE Reports False Positive Alarms

  • Warning-19-00028624: Custom EMA TLS certificate is overwritten with a default self-signed SBC certificate during an upgrade to versions 6.1.x, 6.2.x, 7.1.x, 7.2.x 
  • Warning-19-00028636: SBC SWe Gateway-to-Gateway signaling is disabled in certain SBC SWe versions 
  • Warning-19-00029555: CDR Viewer and Live Monitoring cannot be enabled/disabled
  • Warning-17-00022737: Re-installing an SBC from an ISO image and restoring the config. from a tar.gz backup file may cause loss of encrypted config. parameters for certain releases
  • Warning-19-00022867: SM Process may core dump after upgrading to version 3 of the BMC software

To view/download Ribbon bulletins, do the following:

  1. Log on to the Support Portal (https://ribboncommunications.com/services/ribbon-support-portal-login)
  2. Click Bulletins link from the menu bar. 
  3. Enter the bulletin number (last eight numbers) in the search field and press Return.
Note

The WBA section may not include all Warnings, Bulletins and Alerts associated with this release. Before attempting to upgrade to any release, it is recommended to check the Customer Portal in Salesforce for any newly published WBAs that may include this release in the "affected versions" section.

Problems or Questions

For problems or questions, contact Ribbon Support through telephone or fax: 

Worldwide Voice: 1 (978) 614-8589

USA Toll-free: 1 (888) 391-3434

Worldwide Fax: 1 (978) 614-8609

About SBC Core

The SBC Core platforms address the next-generation needs of SIP communications by delivering media transcoding, robust security and advanced call routing in a high-performance, 2RU, and 5RU form-factor devices enabling service providers and enterprises to quickly and securely enhance their network by implementing services like SIP trunking, secure Unified Communications and Voice over IP (VoIP).

For more product information, refer to the section About SBC Core in the main documentation space.

Interoperability

The SBC Core software interoperates with the following:

  • SIP/H.323 compliant IADs and IP-PBXs
  • PSX Policy Server Softswitch via SIP redirects and/or Diameter+ protocol
  • SBC 9000 through SIP call signaling and Networks MCS protocol
  • NetScore collection, analysis, monitoring, and reporting of selected Key Performance Indicators (KPIs) on a near-real time basis

Note

NetScore maintains a list of remote host keys for all nodes from which it collects data. If NetScore is deployed in your network, connectivity to the SBC will be lost any time the SBC software is reinstalled because the SBC’s host key is updated during the install. Refer to NetScore Release Notes for steps needed to reconnect to the SBC.

H.323-SIP and SIP-H323 Calls

When using H.323-SIP and SIP-H.323 call flows, an additional Re-invite/Update may get generated towards the SIP side. To suppress this, enable the IP Signaling Profile (IPSP) flag Minimize Relaying Of Media Changes From Other Call Leg at the SIP side.

Note

H.323 is not supported on SBC SWe cloud deployments.

Compatibility with Ribbon Products

Tip

When upgrading your network, ensure to upgrade each product to the most current release to take advantage of the latest features, enhancements, and fixes.

Info

For complete interoperability details between various Ribbon products, including backwards compatibility, refer to Ribbon Product Interoperability.

Refer to SBC Core Portfolio Interoperability Matrix for the latest and minimum compatible product versions supporting the 07.02.02R000 release.

Sample Heat Templates Included in This Release

To instantiate the SBC instances, the following template can be used:

SBC Heat Templates

 Template NameDescription
heatRgNoDhcp.yamlM-SBC/S-SBC Heat template for No DHCP IPv4 or IPv6. This template include instructions to enable port redundancy.

Note:

Example template files are packaged together in .tar.gz and .md5 files separate from the SBC Core application installation and upgrade files:

  • cloudTemplates.tar.gz
  • cloudTemplates.tar.gz.md5

SBC SWe Cloud Requirements for OpenStack

The system hosting the SBC SWe Cloud must meet the below requirements for OpenStack:

Server Hardware Requirements

 

ConfigurationRequirement
Processor

Intel Xeon processors (Nehalem micro-architecture or above) with 6 cores and above (processors should support hyper threading).

Note

Ribbon recommends Westmere (or newer) processors for better SRTP performance. These processors have the AES-NI instruction set for performing cryptographic operations in hardware. 

 RAMMinimum 24 GiB
 Hard DiskMinimum 100 GB
Network Interface Cards (NICs)

Minimum 4 NICs.

Note

Make sure NIC has multi-queue support which enhances network performance by allowing RX and TX queues to scale with the number of CPUs on multi-processor systems.

Note

The PKT ports must be 10 Gbps SR-IOV enabled port.

Note

6 NICs are required for supporting PKT port redundancy.

The system hosting the SBC SWe must meet the following requirements to achieve the performance targets listed: 

S-SBC SWe Requirement

S-SBC SWe Requirements
for 1000 CPS/120K Signaling Sessions 
Notes

32 vCPUs

Due to the workload characteristics, allocate 20 physical cores with two hyper-threaded CPUs from each core to the SBC.

128 GiB RAM

Must be Huge Page memory. The minimum page size is 2048 KiB, but 1048576 is recommended.

100 GB Disk

None

4 vNICs/6 vNICs

Attach MGT0 port to the Management VirtIO Tenant network.

HA port has to be on IPv4 VirtIO Tenant network.

Attach PKT0 and PKT1 ports to SR-IOV and Provider network.

M-SBC SWe Requirement

M-SBC SWe Requirements
for 30K Media Sessions
Notes

20 vCPUs

Due to the workload characteristics, allocate 10 physical cores with two hyper-threaded CPUs from each core and from single NUMA node to the SBC.

32 GiB RAM

Must be Huge Page memory. The minimum page size is 2048 KiB, but 1048576 is recommended.

100 GB Disk

None

4 vNICs/ 6 vNICs

Attach MGT0 port to the Management VirtIO Tenant network.

HA port has to be on IPv4 VirtIO Tenant network.

OpenStack Requirements

The SBC SWe supports the following OpenStack environments:

  • Newton with RHOSP 10 and RHEL 7.4
  • Queens with RHOSP 13 and RHEL 7.5
Note

The SBC SWe Cloud was tested on OpenStack Queens with RHOSP 13 and RHEL 7.5.

SBC SWe Requirements for KVM

The following table lists the server hardware requirements.

KVM Hypervisor Server Hardware Requirements

 
Configuration Requirement
Processor

Intel Xeon processors (Nehalem micro-architecture or above) with 6 cores and above (processors should support hyper threading).

Note

Ribbon recommends using Westmere (or newer) processors for better SRTP performance. These processors have the AES-NI instruction set for performing cryptographic operations in hardware.

Note

The supported CPU Family Number is 6 and CPU Model Number must be newer than 26. Refer to Intel Architecture and Processor Identification document for more information.


 RAMMinimum 24 GB
Hard DiskMinimum 500 GB
Network Interface Cards (NICs)
Minimum 4 NICs.
Note

Make sure NIC has multi-queue support which enhances network performance by allowing RX and TX queues to scale with the number of CPUs on multi-processor systems.

Note

The Intel I350, x540, and 82599 Ethernet adapters are supported for configuring as SR-IOV and DirectPath I/O pass-through devices.


Ports

Number of ports allowed:

  • 1 Management port
  • 1 HA port
  • 2 Media ports

SBC SWe Requirements for VMWare

The following table lists the server hardware requirements:

Server Hardware Requirements

 
 ConfigurationRequirement
Processor

Intel Xeon processors (Nehalem micro-architecture or above) with 6 cores and above (processors should support hyper threading).

Note

Ribbon recommends using Westmere (or newer) processors for better SRTP performance. These processors have the AES-NI instruction set for performing cryptographic operations in hardware.

Note

The supported CPU Family Number is 6 and CPU Model Number must be newer than 26. Refer to Intel Architecture and Processor Identification document for more information.

Note

ESXi 6.5 and later releases require approximately two physical cores to be set aside for hypervisor functionality. Number of VMs which can be hosted on a server needs to be planned accordingly.

 RAMMinimum 24 GB
Hard DiskMinimum 500 GB
Network Interface Cards (NICs)
Minimum 4 NICs, if physical NIC redundancy is not required.

Otherwise, 8 NICs (preferably with SR-IOV capability to support SWe optimizations).

Notes
  • Make sure NIC has multi-queue support which enhances network performance by allowing RX and TX queues to scale with the number of CPUs on multi-processor systems.
  • The Intel I350, x540, and 82599 Ethernet adapters are supported for configuring as SR-IOV and DirectPath I/O pass-through devices. The SR-IOV is supported only with 10 Gbps interfaces (x540/82599).
  • The Enterprise Plus license is required for SR-IOV.
Note

 Intel x710 NICs are also supported on VMware (ESXi versions 6.5 and above) with SR-IOV enabled. x710 NICs are not supported on Direct I/O or KVM. 

Ports

Number of ports allowed:

  • 1 Management port
  • 1 HA port
  • 2 Media ports

 

 

Warning

The SBC SWe software only runs on platforms using Intel processors. Platforms using AMD processors are not supported.

Required Software and Firmware Versions

The following SBC 5000 series (51x0/52x0), SBC 5400 and SBC 7000 software and firmware versions are required for this release. For 5xx0 the BIOS can be installed during app install, whereas for 5400 and 7000 the BIOS is included in the firmware package and is installed during the firmware upgrade. 

Required Software and Firmware Versions

Components

Software/Firmware

Version

SBC Platform

  

SBC 51x0/52x0 BMC

V03.20.00-R000

SBC 51x0/52x0 BIOSV02.06.00
SBC 5400 Firmware

BMC: V03.20.00-R000

BIOS: V1.17.0

SBC 7000 Firmware

BMC: V03.20.00-R000

BIOS: V2.13.0

SBC Application

 


Operating System (OS) Version

V06.02.02-R000
SonusDB

V07.02.02-R000

EMAV07.02.02-R000

SBC Application

V07.02.02-R000

Note

The firmware package of SBC 5400 and 7000 series includes BMC, BIOS, and other binaries. The firmware is upgraded from the BMC.

How to Verify Currently Installed Software/Firmware Versions

Use the EMA to verify the currently installed software and firmware versions.

Log on to the EMA, and from the main screen navigate to Monitoring > Dashboard >  System and Software Info.

Software Bundles

The following software release bundles are available for download from the Customer Portal:

  • SBCSWe_7.2
  • SBC5x7x_7.2

Download the appropriate software packages for your desired configuration from the Customer Portal (https://ribboncommunications.com/services/ribbon-support-portal-login) to your PC:

SBC 5000 Series (51x0/52x0) Firmware

  • firmware-5XX0-V03.20.00-R000.img

  • firmware-5XX0-V03.20.00-R000.img.md5

  • bmc5X00_v3.20.0-R0.rom.md5sum

  • bmc5X00_v3.20.0-R0.rom

SBC 5400 Firmware

  • firmware-5400-V03.20.00-R000.img
  • firmware-5400-V03.20.00-R000.img.md5

SBC 7000 Series Firmware

  • firmware-7X00-V03.20.00-R000.img
  • firmware-7X00-V03.20.00-R000.img.md5

Note

Execute the Method Of Procedure (MOP) only for upgrading the FPGA image of an SBC 7000 DSP-LC card when the SBC 7000 DSP-LC FPGA version is 0x14. The MOP can be applied at any version time, with the only restriction being that the BMC firmware version is at least 1.25.0. However, if the SBC application is running version V05.01.00R000 or higher, then the DSPs will be set to disabled and transcoding and transrating calls will fail if the SBC 7000 DSP-LC FPGA version is 0x14. Therefore, it is necessary to upgrade the SBC 7000 DSP-LC FPGA if the version is 0x14, before upgrading the SBC to 5.1.0. However, the MOP can be applied if the application version is higher than 5.1.0. 

SBC Core Operating System Installation Package

The ConnexIP Operating System installation package for SBC Core:

  • sbc-V07.02.02R000-connexip-os_06.02.02-R000_5_amd64.iso
  • sbc-V07.02.02R000-connexip-os_06.02.02-R000_5_amd64.iso.md5


Note

 Once the ConnexIP ISO procedure is completed, the SBC application package is automatically uploaded to SBC platforms.

SBC Core Application Package

The SBC Application installation and upgrade package for SBC Core:

  • sbc-V07.02.02R000-connexip-os_06.02.02-R000_5_amd64.qcow2
  • sbc-V07.02.02R000-connexip-os_06.02.02-R000_5_amd64.qcow2.md5
  • sbc-V07.02.02-R000.x86_64.tar.gz
  • sbc-V07.02.02-R000.x86_64.md5
  • sbc-V07.02.02-R000.x86_64.signature

For detailed information on installation and upgrade procedures, refer to SBC Core Software Installation and Upgrade Guide.

Cloud Service Archive (CSAR) Packages for VNFM Deployment on OpenStack

These files are for SBC SWe deployments in the OpenStack cloud using VNFM.

For VNFM deployment, the VNF Descriptor (VNFD) file is provided in a Cloud Service Archive (CSAR) package for the type of SBC cluster being deploying. VNFs are independent and CSAR definitions are imported into the VNFM via an Onboarding mechanism. The SBC has several different CSAR variants, for different personalities (S-SBC, M-SBC) and interface types (virtio, sriov). The supported CSAR packages for the SBC are:

  • ssbc_virtio_7.2.csar
  • ssbc_sriov_7.2.csar
  • msbc_virtio_7.2.csar
  • msbc_sriov_7.2.csar

Files required for CSAR creation: 

  • createVnfmCsar.py
  • vnfmSol001VnfdTemplate.yaml
  • sbc-V07.02.02R000-connexip-os_06.02.02-R000_5_amd64.qcow2

For detailed information on installation and upgrade procedures, refer to SBC Core Software Installation and Upgrade Guide.

Upgrade Notes

Warning

A LSWU on an SBC 7000 should only be performed when the total number of active calls on the system is below 18,000. If the criteria is not met, a double failure during the upgrade may occur, thereby losing all active calls. If such a failure occurs, both active and standby SBC services will go down.  Contact Ribbon Support immediately.

Note

Release 7.2 requires additional user account security practices for SBC SWe deployments in Openstack cloud environments. During upgrade of SBC SWe cloud instances deployed using Heat templates, you must use a template that includes SSH keys or passwords for the admin and linuxadmin accounts. The example Heat templates have been updated to include information on how to specify this type of data in the userdata section of a template.

Note

Once the installation or upgrade completes on the SBC 51x0 and SBC SWe platforms, the copy of the installation package (SBC Core Installation and Upgrade Package) is automatically removed from the system.

Note

As an SBC Core password security enhancement, user passwords automatically expire after upgrading to 7.2.x. As a result, users are required to change their passwords upon initial login immediately following the upgrade.

Note

Customers using the Network licensing mode will stay on the Network licensing mode after upgrade to the SBC 7.2.2 Release.

Customers using Legacy mode will stay on the Legacy mode after upgrade to SBC 7.2.2 Release. Once upgraded to SBC 7.2.2 Release, the customer will not be able to set Network License mode.

Note

The SBC 7.2 5xx0 and 7000 platforms may exhibit a 7% degradation of CPU performance relative to earlier releases. This is attributable to the Spectre/Meltdown security patches.

Note

For the procedure specific to SBC SWe upgrades on KVM Hypervisor or VMware to take advantage of performance improvements due to hyper-threading, refer to MOP to increase vCPUs Prior to Upgrading SBC SWe on VMware or KVM Hypervisor.

Note

 In NFV environments, the method used for upgrades involves rebuilding the instance, which requires additional disk space on the host. The minimum disk space needed for this operation is listed in the table below.

Disk Space Requirements

Flavor
Extra Space Required (GB)
S-SBC80
M-SBC80
PSX-M360
PSX-S360
PSX-Test360
EMS_SA150

Note

The SBC 51xx and 52xx systems require 24GB of RAM to run 6.x code or higher.

07.02.02R000 Upgrade Information

Warning

Prior to performing an upgrade to release 07.02.02R000, usernames that do not conform to the new SBC user-naming rules must be removed to prevent upgrade failure. Upgrade can proceed successfully after removing all invalid usernames. The following user-naming rules apply:

  • Usernames can begin with A-Z a-z _ only.
  • Usernames cannot start with a period, dash, or digit.
  • Usernames can contain a period(.), dash(-), alphabetic characters, digits, or underscore(_).
  • Usernames cannot consist of digits only.
  • Usernames can contain a maximum of 23 characters.

The following names are not allowed:

tty disk kmem dialout fax voice cdrom floppy tape sudo audio dip src utmp video sasl plugdev staff users nogroup i2c dba operator

Note: Any CLI usernames consisting of digits only or not conforming to new user naming rules will be removed after performing a restore config in release 7.2.2R000. 

Warning

Prior to performing an upgrade to the 7.2 release, the dnsGroups with type mgmt must be specified/updated with the "interface" field. The steps are included in WBA "W-17-00022847". To view the WBA, log on to the Support Portal and click the Bulletins link from the menu bar. Enter the bulletin number (last eight numbers) in the search field and press Return.

Warning

Prior to performing an upgrade to 7.2 release, the duplicate trunk groups or zones must be removed. The steps are included in WBA "W-17-00022689". To view the WBA, log on to the Support Portal and click the Bulletins link from the menu bar. Enter the bulletin number (last eight numbers) in the search field and press Return.

If the above MOP is not run, the LSWU process may fail because of duplicate trunk group or zone names.

If you are upgrading from any SBC version with ePSX configuration to the 07.02.02R000 release, execute the Method of Procedure, MOP to Reconfigure SBC (with ePSX) to External PSX Prior to an Upgrade to 06.00.00R000 Release prior to performing an upgrade. For a list of supported LSWU paths, refer to 290361389.

Support of maddr Post-Upgrade

When upgrading SBC Core to release 5.0.0 (and above) from a pre-4.2.4 release, complete the "Action to take" immediately after the upgrade if either condition that follows is applicable:

  • If you are using the SBC with a Broadsoft system and the SBC is configured for registration access (where the SBC sits between SIP phones and the Broadworks System). Otherwise no new REGISTER will be processed (phones will lose registration).
  • If you are using the SBC with other feature servers that require maddr processing.

Action to take: On the SIP trunk group facing Broadsoft (or other feature server), set the SIP Trunk Group signaling flag, honorMaddrParam, to enabled on the Trunk Group(s) requiring maddr handling. The default is ‘disabled’.

set addressContext <addressContext name> zone <zone name> sipTrunkGroup <TG name> signaling honorMaddrParam <disabled | enabled> 

See the following pages for configuration details:

SBC SWe Pre-Upgrade Requirements

VM CPU resource allocation requirements

Starting with 4.2.4R0 release, CPU resource allocation requirements for SBC SWe VM are strictly enforced contrary to previous releases. You must review and verify these VM settings (including co-hosted VMs) against the documented "VM Configuration Recommendations" on the For VMware page in the Hardware and Software Requirements section before upgrading. If you encounter a problem, correct the CPU reservation settings as specified in step 6 of the "Adjust Resource Allocations" procedure on Creating a New SBC SWe VM Instance with VMXNET3. CPU reservation should be set as “number of vCPUs assigned to VM * physical processor CPU frequency". If VM uses the same number of vCPUs as the number of physical processors on the server, this reservation may not be possible. In this case, reduce the number of vCPUs assigned to VM by one and set the CPU reservation to the appropriate value.

When using the show table system serverSoftwareUpgradeStatus command during the upgrade, the Standby server's LSWU status will always display "Upgrading" even though the upgrade may have failed due to host checker validation. To check if host validation failed for the Standby, check for HostCheck Validation Failed message in the upgrade.out log.

Disable Call Trace feature prior to LSWU/upgrade

As a prerequisite for SWe LSWU/upgrade, disable the Call Trace feature prior to performing the LSWU/upgrade and re-enable it once the LSWU/upgrade is completed.

Manually check for Hostcheck Validation Failed message

Perform the following procedure on the Standby to check for the Hostcheck Validation Failed message in the upgrade.out log.

  1. Log on to ESXi of the Standby SBC SWe.

  2. Check in/opt/sonus/staging/upgrade.out (this log shows the Hostcheck Validation Failed error).

  3. Power off the VM.

  4. Reduce the number of vCPUs assigned to VM by one and set the CPU reservation to the appropriate value.

  5. Power on the VM. The SBC SWe successfully upgrades to the latest version 6.2.0. 

  6. Run the command show table system serverSoftwareUpgradeStatus to confirm the successful upgrade.

  7. Perform similar procedure for LSWU on Active.

Preparing for Upgrade (All Platforms)

Warning

Prior to performing a Live Software Upgrade (LSWU), verify if the system and the databases are in sync. The steps are included in WBA "Warning-14-00020748". To view the WBA, log on to the Support Portal and click the Bulletins link from the menu bar. Enter the bulletin number (last eight numbers) in the search field and press Return.

Note

The SBC 7.2 release skips the SRV query if the flag in a DNS NAPTR response from the DNS server indicates to proceed with "A" record query as per RFC 2915/3403. This is a change in behavior from previous releases, where the SBC performed SRV queries irrespective of the "flag" setting returned by DNS Server.  If you use DNS NAPTR/SRV/A record query from SBC to determine peer transport address, ensure the DNS Server is configured to return ‘S’ flag to invoke an SRV query.

Note

In this release, LSWU infrastructure is added to the Platform Manager (PM), providing the ability to perform LSWU upgrades to later releases using the PM. However, this feature is not currently supported in 4.2.x releases and should not be used at this time.

Please read the following information and take necessary actions before starting your upgrade to this release.

Since the release 4.1.4, the cryptographic key pair used to sign and verify the package has been changed to enhance security. When installing/upgrading from all 4.0.x releases, all pre-4.1.4 releases (4.1.3 and earlier), and all pre-4.2.3 releases (4.2.2R00x and earlier), do one of the following, depending upon your upgrade method:

  • LSWU through CLI: Skip the integrity check during LSWU by using the CLI command below.

    During LSWU, use the integrityCheck skip option when upgrading from CLI:

    > request system serverAdmin <server> startSoftwareUpgrade integrityCheck skip package <package>
    Note

    Integrity check works as expected only when upgrades are started from 4.1.x releases (4.1.4R000 or later) or from 4.2.3R000 or later releases.

  • Upgrade through Platform Manager: If upgrading using Platform Manager, simply ignore the "Wrong Signature" warning message and continue the upgrade normally.
Note

Downgrading to any pre-5.0 release from this release requires a ConnexIP re-ISO installation. For more information, refer to:


Customer running 7.1 or 7.2 releases must check the eventLog configuration to confirm that the memusage log type has a server1 syslog configuration and if it is not present, they need to manually create before attempting to upgrade to the latest code.

The following command example output shows how to confirm with the server1 config is present for the memusage log type:

show configuration oam eventLog typeAdmin
typeAdmin packet {
 
state      enabled;   
fileCount   64;   
fileSize    10240;
filterLevel info; 
servers server1;
 }

 typeAdmin memusage {
 state enabled;
 }

Update the configuration with the following commands -
configure
 set oam eventLog typeAdmin memusage servers server1

Supported Live Software Upgrade (LSWU) Paths


The SBC Core supports Live Software Upgrade from releases listed in the table below:


Supported Upgrade Paths

V05.00.xxV05.01.xxV06.xxV07.xx
V05.00.00R000V05.01.00R000V06.00.00R000V07.00.00R000
V05.00.00R001V05.01.00F001V06.00.00R001V07.00.00F001
V05.00.00S102V05.01.00F002V06.00.00F001V07.00.00F002
V05.00.00S104V05.01.00F003V06.00.00F002V07.00.00F003
V05.00.00S200V05.01.00F004V06.00.00F003V07.00.00F004
V05.00.00S201V05.01.00F005V06.00.00F004V07.00.00F005
V05.00.00S202V05.01.00F006V06.00.00F005V07.00.00F006
V05.00.00S203

V05.01.00F007

V06.00.00F006V07.01.00R000
V05.00.00S204V05.01.00F008V06.00.00F007V07.01.00R001
V05.00.00F001V05.01.01F001V06.00.00F008V07.01.00R002
V05.00.00F002V05.01.01F002V06.00.00F009V07.01.00R003 
V05.00.00F003V05.01.01F003V06.00.00F010V07.01.00R004
V05.00.00F004V05.01.01F004V06.00.00F011V07.01.00F001
V05.00.01R000V05.01.01F005V06.00.00F012

V07.01.00F003

V05.00.01R001V05.01.01F006V06.01.00F001

V07.02.00R000

V05.00.01R002V05.01.00S608V06.01.00F002V07.02.00R002
V05.00.01S001V05.01.00S610V06.01.00F003V07.02.01R000
V05.00.01F001V05.01.00S611V06.01.00R000V07.02.01R001
V05.00.01F002V05.01.00S612V06.01.00R001V07.02.01R002
V05.00.01F003V05.01.00S613V06.01.00R002

V07.02.01F001

V05.00.02R000V05.01.00S614V06.01.00R003

V07.02.01F002

V05.00.02R001V05.01.00S617V06.01.00R004
V05.00.02A059V05.01.00S619V06.01.00R005 
V05.00.02A061V05.01.00S620V06.01.00R006


V05.00.02F001V05.01.00S621V06.01.00R007


V05.00.02F002V05.01.00S622V06.01.00R008 
V05.00.02F003V05.01.01R000

V06.01.00R009 


V05.00.02F004V05.01.01R001V06.02.00R000
V05.00.02F005V05.01.02F001V06.02.01R000
V05.00.03R000V05.01.02F002V06.02.01R001
V05.00.03R001V05.01.02F003V06.02.01R002 
V05.00.03R002V05.01.02F004V06.02.01F001
V05.00.03R003V05.01.02F005V06.02.01F002
V05.00.03F001V05.01.02F006V06.02.01F003
V05.00.03F002V05.01.02F007V06.02.01F004
V05.00.03F003

V05.01.02F008

V06.02.01F005
V05.00.03F004V05.01.02F009V06.02.01F006 
V05.00.03F005V05.01.02S001V06.02.01F007
V05.00.03F006V05.01.02R000V06.02.01F008
V05.00.03F007V05.01.02R001V06.02.02R000
V05.00.03F008V05.01.02R002V06.02.02R001
V05.00.04F001V05.01.02R003V06.02.02F001
V05.00.04R000V05.01.02R004V06.02.02F002
V05.00.04R001V05.01.03R000V06.02.02F003
V05.00.05F001V05.01.03F001V06.02.02F004
V05.00.05F002V05.01.03F002V06.02.02F005
V05.00.05F003V05.01.03F003V06.02.02F006
V05.00.05F004V05.01.03F004V06.02.02F007
V05.00.05F005V05.01.03F005V06.02.02F008
V05.00.05F006V05.01.03F006V06.02.02F009
V05.00.05F007V05.01.03F007V06.02.02F010
V05.00.05F008V05.01.03F008V06.02.03R000
V05.00.05R000V05.01.03F009V06.02.03F001
V05.00.06R000 V05.01.03F010V06.02.03F002
V05.00.06F001V05.01.04R000V06.02.03F003
V05.00.06F002V05.01.04F001V06.02.03F004
V05.00.06F003V05.01.04F002V06.02.04R000
V05.00.06F004V05.01.04F003V06.02.04F001
V05.00.06F005V05.01.04F004


V05.01.05R000


V05.01.05F001


V05.01.05F002


V05.01.05F003


V05.01.05F004


V05.01.05F005 


V05.01.06R000


V05.01.06F001


Note

Prior to upgrading to 7.x, run the following command to verify availability of at least 40 MB free disk space in the /boot partition.

df -kh


New Features

New Features in 07.02.02R000 Release

The following features are available in 07.02.02R000 Release.

SBX-55806 Memory leak leads to switchover with no information to determine leak

When memory usage on an SBC system exceeds 90%, the FM process restarts the current node.  However, when the restart/fail-over occurs, core dumps are not generated against the processes that are consuming the memory. Since core dumps are essential to analyze a memory leak, functionality is added to generate core dumps of the top two SBC processes which consume the most memory.

Additionally, the parameter outOfMemoryCoredump is added to the "System" section of the CLI and EMA guides allowing the user to configure:

  • the number of out-of-memory coredumps allowed on a system,
  • the number of processes against which to take a core dump when memory utilization is high, and
  • the memory utiliization threshold, as a percentage, to determine when to take coredumps of high memory utilization which is consuming processes.

For configuration details, refer to:

SBX-70429 / 90420 IMS LI: Buffering of DSR messages when the connection towards Mediation Server is down

As part of the initial IMS LI implementation, when the connection between the SBC and the mediation server (TCP connection) goes down, the DSR messages sent towards the mediation server are lost. Due to this, the Mediation server does not receive the complete signaling details about the intercepted target.

 The SBC is enhanced in this release to support the following behaviour:

  • Buffers DSR (X2) messages whenever a TCP connection towards mediation server is down
  • Attempts a TCP re-establishment connection towards the mediation server using the systematic procedure (reactive model)
  • Uses the systematic procedure to send the stored DSR messages in a staggered method towards the mediation server when the TCP connection link is up
  • Sends alarms/traps to indicateg buffering/loss of DSR messages

For more information, refer to:


SBX-75575 CLIR Support For Lawful Intercept

The SBC provides presentation indicator information for a calling number to the LI server in the “Signaling Instance” message of the “Terminal Display Info” attribute. The SBC sends the Signaling Instance message after a “Signaling Start” message.

The Signaling Instance message parameters are updated based on the following rules. 

  • Attribute: Signal Type (51)
  • When a call is intercepted at ingress, signal type is set to 2 (Subject_Signal).
  • When a call  is intercepted as egress, signal type is set to 1 (Network_Signal).
  • Attribute: Terminal Display info (54)
    The Calling number bit in the Terminal_Display_Status_Bitmask field is set if the presentation Indicator of the Calling number received from the PSX is set to any of the following:
    • allowed
    • restricted
    • unavailable
  • Calling_Number
    The Calling_Number field is set depending on the Presentation Indicator of the Calling number:
    • Allowed
      The actual calling number is displayed.
    • Restricted
      The calling number is set as “private”.
    • Unavailable
      The calling number is set as “unavailable”.

SBX-86782 Implement DM (allowed) Validation on the receipt of ANS (XDMI) in SIPSG

The current SBC behavior is to allow Direct Media before sending the INVITE towards the egress endpoint. This causes a problem with a particular call-pick up scenario. To address this, the SBC is enhanced to also allow Direct Media during an answer with XDMI as well. 

The two Direct Media call flow types are:

  1. Direct Media with ingressEP->SBC->EgressEP
  2. Direct Media with ingressEP->SBC->ASX->SBC->egressEP.

This solution is targeted for "Scenario 2".

For more information, refer to:


SBX-88688 Address gaps for the Blind Transfer REFER support post switchover

The SBC is enhaced to address gaps with the Blind Transfer REFER after a switchover.

Blind Transfer scenarios:

  • With Policy Dip
  • Without Policy Dip

This enhancement ensures that the SBC behaves consistently during multiple switch-overs/reverts.

New Features in Previous Releases

For new features in previous releases, refer to:

 


Resolved Issues

Resolved Issues in 07.02.02R000 Release 

The following issues are resolved in this release:


Resolved Issues


Issue IDSevProblem DescriptionResolution
1SBX-861932

The D-SBC DFE module, which controls connections to the MSBC/TSBC, continues to read memory after being freed.

This issue was found from ASAN testing in the lab.

Root Cause: This issue was due to not stopping a timer correctly after a link to MSBC/TSBC went down whereby the timer later expired it causing the timer handler to read the freed memory. Although the memory was being read, it was first being used to check that the memory block was associated with the timer by looking at the timerID field in the memory block. If the block did not match then nothing more was read. If the block did match, then the code should have stopped doing any further processing as all the associated calls would have already been cleared up. This issue is only seen for an edge case scenario where the timerID part of memory is not updated, but other fields are updated.

Impact: The D-SBC DFE module continues to read memory after being freed.

Steps to Replicate: Run the NWDL SVT automation suite on ASAN images.

Platform/Feature: SBC

The code is modified to stop the timer when the gateway control block in DFE is freed so the timer does not expire and try to access the freed memory.
2SBX-866841

The SCM Process cores when making a REFER call where more than two SCMs are present in an I-SBC configuration. When the scenario occurs, the SBC does not recognize the N:1 Slot and will not pick the changes.

Impact: SCM Process cores 

Root Cause: When N:1 changes came, Refer code is not modified to pick the changes of N:1 slot ID.

Steps to Replicate: Execute a Refer call and ensure that call lands on SCM greater than 2 (because coredump will not occur if call lands on SCM0 or SCM1).

Platform/Feature: SBC

The code is modified to pick N:1 changes for slot ID.
3SBX-864802

The SCM may core due to memory corruption caused by processing Global PCDR Info received from the Policy Server.

Impact: Repeated SCM cores.

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to free previously allocated Global PCDR Info structure before allocating to a new one.
4SBX-861802

During the write process to create a new policy status reporting file, the correct read privileges were not present to allow the successful completion of the status reporting session.

Impact: The status reporting process wrongly reports a sync in progress.

Root Cause: /home/oraadmin/SSDB/PolicyDBSyncStatus is getting removed by logrotate. When the new file was created by write process, it did not have the correct privs to be read by status reporting session, so the status reporting process wrongly reported sync in progress.

Steps to Replicate: N/A

Platform/Feature: SBC: Application

The code is fixed to resolve this issue.
5SBX-86667 / SBX-864682

Portfix SBX-86468: When the "Registration Expires in Expire Header" flag is enabled in the surrogate registration on Ingress TG IPSP, the de-registration is sent before the registration can refresh, which results in a call failure. (Originated in release 6.2.3F2)

Impact: The SBC is not picking the correct expiration value resulting in a long refresh timer (more than expired value); de-registration is sent before the registration refresh.

Root Cause: The SBC is not picking the correct expiration value that results in along refresh timer (more than the expire value), and de-registration is sent before registration refresh.

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to pick up the correct expiration value from response PDU if "Registration Expires in Expire Header" flag is enabled for surrogate registration.
6SBX-869991

The SBC added a REFER method in the Allow header when the condIncMethInAllowHdr was enabled, though REFER is set to Reject in TG methods instead of Allow Only.

Impact: N/A

Root Cause: N/A

Steps to Replicate:

  1. Run a SIP->SIP call with default settings. REFER was included in the Allow header in the outbound INVITE.
  2. Set the refer to "reject" under the egress trunk group->signaling -> methods -> refer. Now in the Allow header of the outbound INVITE, REFER was not included. This works as expected.
  3. Set flag condIncMethInAllowHdr under the egress trunk group->signaling to "enabled". Now in the Allow header of the outbound INVITE, REFER was included. This shows that this flag changed the behavior.

Platform/Feature: SBC

REFER is set to Allow only if it is not rejected in the TG methods.
7SBX-85144 / SBX 726932

PortFix SBX 72693: FPGA failures are observed on DSP cards. (Originated in release 8.0.0)

Impact: Communication lost between the CPU on the SBC and FPGA on the DSP card.

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC: DSP

A server reboot is initiated to restore communication.
8SBX-864933

SBC adds "Max-Forwards: 71" header into SIP responses in violation of RFC3261 section 20

Impact: After receiving the error message with Max-Forwards header, End User may report for Invalid message as it deviate from RFC3261 response message header inclusion.

Root Cause: When the SBC does not find the route information when adding the Max-Forwards header for an incoming call, the SBC rejects the call.

Steps to Replicate: N/A

Platform/Feature: SBC

Avoid Max-Forwards header addition while forming the SIP response.
9SBX-865231

When the PCRF is enabled, a SCM may core on switchover.

Impact: N/A

Root Cause: The function SipSgReconstructParentRcb() allocates a structure (pcrfInfo), but leaves it empty if sbyRdbPtr->diamRxHandle is 0. One of the fields in this structure is a list pcrfGCIDList, and this list is left uninitialized if sbyRdbPtr->diamRxHandle is 0. Later, SipSgIncomingCallNfy() attempts to insert something in this uninitialized list causing a core.

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to prevent the PCRF related SCM core on a switchover.
10SBX-862462

The SBC reads the end of a memory block while processing DTLS signaling.This issue was found while running ASAN regression in the SVT lab.

Impact: This can result in invalid accessing of memory. This can potentially lead to coredumps if the memory block is at the end of the process memory as it will then try to access invalid memory.

Root Cause: The code was processing the fingerPrint information associated with DTLS calls and was reading of the end of the memory block because it was not correctly null terminated.

Steps to Replicate: Execute the SVT STIR/SHAKEN-related test suite to reproduce this issue.

Platform/Feature: SBC

The code is modified to prevent the additional CR and LF (0x0d, 0x0a) characters at the end of an ISUP MIME body.
11SBX-688582

The SBC CDR 'GMT' timestamps are skipping forward and backward in some call scenarios.

Impact: This issues causes incorrect call start/stop/duration timestamps in the CDRs.

Root Cause: N/A

Steps to Replicate:

  1. Execute command: set system ntp timeZone pjk zone gmtPlus02-Athens
  2. Execute: sbxstop
  3. Set time on the NTP server to before the daylight saving time: date -s "2018-03-25 UTC 00:40:00".
  4. Execute: sbxstart, and make sure the SBC gets in sync with the NTP server.
  5. Start some call load to monitor the timestamps in the CDRs.
  6. Wait until 7:00 local time to see both CDR timestamp jump.

Platform/Feature: SBC: CDR

The code is modified to calculate the correct timestamps when daylight savings time begins and ends. 
12SBX-874561

CRLF in 7K mime causes fGenband SST to send extra hex data at bottom of ACM

A TDM customer places a call that is routed via CS2k/C20 Genband switch through a Sonus SBC.

Impact: If the call hits an SBC 7000, the SIP-T ACM passed back to the CS2K/SST has a length indicator in the SDP that is not present when the call hits a SBC 9000.

Root Cause: Extra CR, LF (0x0d, 0x0a) characters are added at the end of an ISUP MIME body immediately before the correct CR, LF is associated with the boundary line.

Steps to Replicate: N/A

Platform/Feature: SBC: SIP

The code is modified so that extra CR, LF (0x0d, 0x0a) characters are no longer added at the end of an ISUP MIME body.


13SBX-635712

"Call/Registration Data" stays in syncInProgress after the B node performs a LSWU.

Impact: The Active SBC may fail to synchronize ("Call/Registration Data" remains in syncInProgress) after an LSWU upgrade of the Standby SBC when using an IpPeer pathCheck profile.

Root Cause: N/A

Steps to Replicate: Test setup: LSWU from v5.1.2R0 to v5.1.2R2

  1. Create a pathCheck profile
  2. Create 100+ ipPeers with IPv4 ipAddress and ipPort
    1. Make sure the ipAddress / ipPort does NOT respond to the OPTIONS ping
  3. Assign pathCheck profile to the 100+ ipPeers
  4. State enable the 100+ ipPeers pathCheck profile
  5. Verify that the 100+ ipPeers have been blacklisted.
  6. Assign the 100+ ipPeers pathCheck profile hostName and hostPort
  7. Start LSWU of the Standby CE to v5.1.2R2
  8. Wait for LSWU of Standby CE to complete.
  9. Verify that the Synchronization Status for 'Call/Registration Data' remains in 'SyncInProgress' forever.
  10. Verify the following error message exists in the SYS log:
    "MAJOR .RTM: .RTM .PsObjectFactoryManager: Failed to find object's prototype while operating on object ID 154415 (0x25b2f)"

Platform/Feature: SBC: Application

The RTM process is updated to handle pathCheck messages that may occur during LSWU.


14SBX-873402

The DNS NAPTR transport is not used during surrogate Authentication REGISTRATION attempt. The Transport is not correctly set while the SBC is sending an Authorization request.

Impact: The subsequent Registration attempt fails as the SBC is changing the TCP port from a normal TCP port 47xxx to 5060 after it got challenged.

Root Cause: The SBC sends no NAPTR only SRV followed by A query and Surrogate registration successful.

Steps to Replicate:

  1. Set FQDN port to "0".
  2. Set Transport type in IPSP to "none"
  3. Enable noPortNumber5060 flag in IPSP.

Platform/Feature: SBC

The code is modified to set a correct transport type while sending an Authorization request.

15SBX-876413

When copying a SIP Adaptor Profile in the EMA using the "Copy SIP Adaptor Profile" option, and the "advancedSMM" flag is enabled on the original SIP Adaptor Profile, the flag is not copied over once the new profile is saved (the flag stays disabled).

Impact: Once the new profile is saved, the advancedSMM flag does not get saved and stays disabled.

Root Cause: The value of the advance SMM for a 'copy SMM' operation is not fetched in backend.

Steps to Replicate:

  1. Create a sip adaptor profile with enabling the “advanced SMM flag”
  2. Save the profile
  3. Copy the same profile using “copy sip adaptor button”
  4. Save with different name.

Platform/Feature: SBC

The code is modified to copy the flag state to the new profile.
16SBX-87684 / SBX-734242
Portfix: SBX-73424: The CDR field 8 in START and STOP records always shows zero, even if there is a delay in the PSX response (Originated in release 6.2.4).

Impact: N/A

Root Cause: The setup message time and the PSX response time are getting set to the same value, and thus the delta always results in zero.

Steps to Replicate:

  1. Make continuous LI calls before starting the upgrade in the base build (i.e 7.2.1R000).
  2. Spawn OAM nodes - the time taken by the OAM nodes to come up and get registered on EMS was less than 5 mins.
  3. Upgrade M-SBC standby 8.0.0A20_84 using stack delete and create procedure.
    Result: The SmProcess dumped core in the upgraded build in M-SBC standby.
  4. Once the SBC is up and in sync, upgrade the M-SBC active to 8.0.0A20_84 using stack delete and stack create method.
    Result: The M-SBC standby takes over as new active and running successfully, but LI interception fails.No calls are getting intercepted.
  5. Upgrade the primary SBC to 8.0.0A20 build.
    Result: SmProcess core dump occurs.

The same is observed while upgrading S-SBCs.

Platform/Feature: SBC: CDR

The code is modified to correctly calculate the delta for the setup message time and the PSX response time.
17SBX-87190 / SBX-867481

Portfix SBX-86748: The fragment timeout logic is decrementing the wrong interface's current in-use count. This problem only impacts hardware SBCs. (Originated in release 7.2.1)

Impact: If the PSX responses are large and the IP packets are fragmented, the SBC may retry multiple times due to reassembly failures resulting in packet drops.

Root Cause: The SBC's ability to handle defragmented packets will deteriorate. The NO DEFRAG MATCH count in "show table system networkProcessorStatistics defragStatistics" increments rapidly.

Steps to Replicate: N/A

Platform/Feature: SBC 5xx0, 7000

Fixed the fragment timeout logic that was decrementing the wrong interface's current in-use count. This problem only impacts the SBC hardware. 
18SBX-862392

The CDR connection timeouts greater than 127 seconds are not honored, as the TCP sessions times out after 127 seconds.

Impact: N/A

Root Cause: The TCP session times out in 127 seconds.

Steps to Replicate: N/A

Platform/Feature: SBC

Changed the range for the connection timeout to a range of 15 to 120 seconds.
19SBX-87708 / SBX-874481

Portfix SBX-87448: In the AWS SBC, SSH keys stored in CONFD database are lost during the upgrade to 07.xx.xx. (Originated in release 7.2.0)

Impact:  Any SSH key stored in the CONFD database is lost during the upgrade.

Root Cause: In AWS deployment where the volume replacement-based upgrades are used, the standby undergoing upgrade is not requesting CONFD.conf keys from older active SBCs.

Steps to Replicate:

  1. Perform LSWU from 7.0S407 to 7.2S400
  2. Call load of 700 sessions @7cps is running
  3. Trigger a switchover

Observation:

  1. Calls are running fine.
  2. Switchover is successful but observing errors in DBG file.

Platform/Feature: SBC

The issue is resolved by ensuring that the standby being upgraded requests the confd.conf keys from the active before proceeding with the upgrade. 
20SBX-879442

SBC is not processing the 200 OK.

Impact: N/A

Root Cause: Blind transfer call fails due to DLRBT. The internal tone flag on leg B was not reset properly, as a result of leg C failing to the cancel tone.

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to reset the tone flag when B is connected. 
21SBX-880031

When the End to End PRACK is enabled and if call fails after sending 18x to Ingress before receiving PRACK or if any PRACK drops happens; there may be a memory leak.

Impact: N/A

Root Cause: When End to End PRACK is enabled, just after receiving 18x; memory will be allocated for storing reliable data. And this will be cleared when PRACK is sent out. But If there is PRACK drop (It happened as Call is simulated with SIPP scripts and it is closed abruptly) there is chance of memory leak.

Steps to Replicate: Run Call with reliable 18x messages and Enable End-To-End PRACK flag in IPSP. Close scripts just after sending 18x out or don't send PRACK from INGRESS.

Platform/Feature: SBC: SIP

The code is modified to release the memory while clearing call details for a call failure.
22SBX-858942

IPTABLES rules are incorrect on the SBC SWe after an upgrade where non-default addresses are configured for HA ports.

Impact: This may prevent the HA peers from communicating when one of the configured HA IP addresses is the same as the default address, but the other peer is not.

Root Cause: IPTABLES rules are incorrect on the SBC SWe after an upgrade in the case where non-default addresses were configured for HA ports.

Steps to Replicate: N/A

Platform/Feature: SBC SWe

The code is modified to flush the IPTABLES rules before adding the rules for the configured HA addresses.
23SBX-87911 / SBX-877681

Portfix SBX-87768: Standby links are down after upgrading to 7.2. This issue occurred as routers respond to ARP probe request sent by the SBC with a GARP request and target MAC in that ARP request is set to a broadcast MAC. The SBC expects the target MAC in ARP response sent by router to contain the MAC address of the SBC port from which request was sent. (Originated in release 7.2.1

Impact: Standby links are down.

Root Cause: The SBC is not treating the ARP probe request as a valid response which resulted in the SBC reporting standby links as DOWN.

Steps to Replicate: N/A

Platform/Feature: SBC

The issue is fixed by comparing the target IP address received in a ARP response to the destination IP configured in Link Monitor when target MAC comparison fails. In a GARP request/response, the target IP is be set to the IP of the router sending these packets. This change results in considering the GARP request sent by the router as valid response and reports link status correctly.
24SBX-88061 / SBX-874043

Portfix SBX-87404: When the SBC compare SDP online only and the peer answers with a 200 OK with SDP (where sessId and sessVer are zero), the SBC incorrectly sends a reInvite out before sending the acknowledgement. (Originated in release 6.2.4)

Impact: This issue may trigger an unnecessary reInvite.

Root Cause: SIPS fails to save the peer SDP when online validation only and both online and offline validation sessId and verId are zero in 200 OK.

Steps to Replicate:

Platform/Feature: SBC

The code is modified to change the order of validating profile to ensure it returns correctly.
25SBX-88168 / SBX-876152

Portfix SBX-87615: After the announcement script is completed, the CC validates this as a multiparty call and transfer script and notifies ingress to connect the call.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

After ann script is completed, the CC instructs the ingress to connect the call. 
26SBX-87828 / SBX-869302

Portfix SBX-86930: e2e prack is not working if require header is present and no 100rel. (Originated in release 6.2.4)

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

If 100rel not in require header, it is validated in supported.
27SBX-87826 / SBX-860992

Portfix SBX-86099: Minimize the logic suppressing the Update. (Originated in release 6.2.4)

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to send for the Update regardless of if the Minimize flag is set to ON.
28SBX-860803

When multiple DM Nat tables are configured, calls which should have been sent to Direct Media are being media anchored through the SBC.

Impact: N/A

Root Cause: DM Nat table entries are not getting properly created and entries are getting added to wrong tables - this is leading to Direct Media not working for entries configured in DM NAT table.

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to create the entries correctly.
29SBX-87824 / SBX-860683

Portfix SBX-86068: reInvite after an authentication call is missing logic to copy the SMM scope variable data into a new message. (Originated in release 6.2.4)

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

Copied the SMM scope variable to new message so the SMM can apply the new logic.
30SBX-880701

In case a call to sonusPeerUpload.expect is made and if the peer goes down then, there may be a waittime for the SCP connection, resulting in the application healthcheck timing out after 10 seconds, which causes the application to crash.

Impact: N/A

Root Cause: The scp operation may get stalled if standby goes down while scp was in progress resulting in health check timeout in application in turn causing a crash suspecting deadlock.

Steps to Replicate: N/A

Platform/Feature: SBC

The SCP used times out in sonusPeerUpload.expect script to ensure that the wait time for the SCP connection to establish is no longer than 2 seconds.
31SBX-880361

Because of the Anonymize flag, the host name will get updated with Egress SIP Sig port in an outgoing PAI header. When the Source host name size (SIP Sig IP) is bigger than destination, the host name size (an existing host name in PAI received on INGRESS) issue will appear.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to reallocate memory before updating a host name value.
32SBX-86920 / SBX-862363

Porfix SBX-86236: The SWe TPAD channel modify code had a bug that had a response sent to a different entity on the host (SWEA instead of DDH) and that resulted in DDH major log event. (Originated in release 8.0.0)

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC: DSP

The code is modified to correct the behavior. 
33SBX-886252

Shadow file copy is available to admin user after an upgrade.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to remove the pre-upgrade shadow file saved during an upgrade.
34SBX-885412

The SBC ignored the ACK and failed to relay it to the INGRESS peer. As a result, after 10 seconds, the OA-FSM timer expired on the egress call leg and the call was torn down. 

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified so that the ACK can be relayed to the other call leg and the call can stay up.
35SBX-873253

The Scm Process may core dump while trying to double free the memory associated with the username of registration of the AOR.

Impact: N/A

Root Cause: The previous register AOR block was freed, however the username field was not set to NULL and subsequent re-registration or refresh comes in and reuses the heap memory that was freed for the previous registration. When we try to free our current registration block, double free is detected and hence we core.

Steps to Replicate: The problem is not reproducible.

Platform/Feature: SBC

Perform a Defensive check for stEndpointAOR.puchUserName and to set the value to NULL after its freed to avoid double free.
36SBX-886102

Possible memory leak when the parameter rewriteIdentities is enabled on a SIP trunk group.

Impact: N/A

Root Cause: If a SIP trunk group has the feature "rewriteIdentities" enabled, there is an edge case in which memory which was allocated for temporary storage of a toHeader is never freed.  

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified so that in all scenarios, memory is freed, which is allocated for temporary storage of toHeader.
37SBX-872612

When a E2E PRACK is disabled and PRACK is received from the caller with preconditions, the SBC does not relay the precondition changes to the callee.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The SBC sends an UPDATE towards egress to relay the preconditions to the callee.
38SBX-881321

NAPT learning is broken if the following events occur:

RTP and RTCP NAPT learning are enabled when call comes up 
No packets are received within 1.5 seconds 
RTCP packet is received 
RTP packet is received 

In this scenario, the source IP address and RTCP port learn from the received RTCP packet, but any subsequent RTP packets (from same source IP address) are not learned. So, the RTP port is never learned.

Impact: N/A

Root Cause:

This problem occurs because we checked in some NP code changes that basically added NATL support to learn source IP address from RTCP packet (which we never supported before), but we didn’t check in the necessary XRM changes to support this feature. Our thinking at the time was that the NP changes were backward-compatible with the existing XRM code, and thus the new NP RTCP NATL learning functionality would not be executed; the NP would continue to operate as before (RTCP packets received before NATL learning from RTP packet had occurred would be discarded).

In 8.0 we implemented the XRM/application changes that, coupled with the previously checked in NP changes, fully support RTCP NATL learning.

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to add a NATL support to learn source IP address from an RTCP packet.
39SBX-886522

When an Audio transcode is possible and below the line index is zero, all non-core streams are being removed even when multipleAudioStreamsSupport is enabled.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC: Media Resource Management

The code is modified by skipping the audio transcode for AUDIO/IMAGE streams under the multipleAudioStreamsSupport flag.
40SBX-887152

The SBC was reading the end of a memory block while trying to play an announcement, due to pre-conditions interworking happening on the ingress call leg.

Impact: N/A

Root Cause:

The code was passed in a memory block which contained the name of an announcement and was copying the name into a fixed size memory buffer. The code was always copying a fixed amount of memory. However the name of the announcement was less than the fixed amount being copied so the code was reading more than the allocated space.

If the memory block passed in was right at the edge of process memory then its possible this might cause a memory exception and coredump.

Steps to Replicate: This was found while running SVT pre-conditions test suite.

Platform/Feature: SBC

The code is modified to not copy more memory than required to hold the name of the announcement, to avoid reading invalid memory.
41SBX-88596 / SBX-853352

Portfix SBX-85335: The SBC replaces custom EMA SSL certificate with a self-signed certificate during an upgrade. (Originated in release 8.1.0).

Impact: N/A

Root Cause: User installed certificates were not being restored after upgrade and were getting replaced by default EMA certificates. Also, SSLVerifyClient was not being restored to its configured value after upgrade.

Steps to Replicate:

To verify restoration of SSLVerifyClient:
1. Setup and verify mutual authentication for EMA
2. Verify value of SSLVerifyClient ("required" when clientAuthMethod set to pkiCertOnly; "optional" when clientAuthMethod set to usernamePassworkOrPkiCert)
3. Perform upgrade and verify that the value of SSLVerifyClient remains the same as configured

Platform/Feature: SBC: EMA

While restoring certificates (server certificate and client CA certificate for EMA TLS Profile) from the CDB to the cache, they now restore to /opt/sonus/ema/apache/.
42SBX-883861

A second REFER comes in too fast when the previous referer has not completed the teardown. It sets the teardown in an invalid state.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

Sending of ACK is delayed until the previous referer tears down. The subsequent REFER is accepted by the SBC.
43SBX-885532

The logical implementation for the flag CondIncMethInAllow is incorrect. 

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

New logic is added to rework the CondIncMethInAllow flag
44SBX-883272

Standby logs (/var/log/messages and syslog and user.log) are flooded with CpsShmAttach event log messages.

Impact: N/A

Root Cause:

CpsShmAttach() is being incorrectly being call by the standby for every SIP Registration.
The only negative consequence of this is that a log message with the following text is logged for every registration:
"CpsShmAttach: Attached to shared memory"

Steps to Replicate: N/A

Platform/Feature: SBC

The standby code is modified to no longer call CpsShmAttach() unnecessarily.
45SBX-88755 / SBX-721653

Portfix SBX-72165: The mandatory users (admin, guest, operator) in the SNMP users table are user removable. If removed, the SNMP commands may fail. (Originated in release 6.2.4).

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC: CLI, EMA

Validation is added to ensure the mandatory users admin, guest, and operator are not removable.
46SBX-88768 / SBX-885483

Portfix SBX-88548: For a non-SIP to SIP call, the transparency/relay flags are still in effect. (Originated in release 6.2.4)

Impact: N/A

Root Cause: Resolved: Change the logic to disable/ignore all transparancy/relay flags if it is not end to end SIP call.

Steps to Replicate: N/A

Platform/Feature: SBC: SIP Applications

The code is modified to disable/ignore all transparency/relay flags for call flows that are not end-to-end SIP calls. 
47SBX-883252

If a user enables/disables the audit system (auditd + kernel's audit system), the existing CLI command "set oam eventLog platformAuditLogs state <enabled/disabled>" will be used.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to:

  • change the default state of the platformAuditLogs to enabled Stop audit system (auditd + Kernel audit system) for stopping auditd,
  • disable the audit system when platformAuditLogs's state is disabled and persists on restart.
48SBX-889252

Software editions of the SBC use uninitialized values during the SmProcess startup.

Impact: N/A

Root Cause: Coding error.

Steps to Replicate: Use valgrind on SmProcess at startup to find use of uninitialised values.

Platform/Feature: SBC

The code is modified to initialize values on software editions.
49SBX-890481

The SBC is not able to send 200OK to the Ingress due to tone playing and a "Send Update SDP in 200OK" flag.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

Fixed the logical error so the SBC can send 200OK out.
50SBX-892003

e2e PRACK is not working if the required header is present and 100rel is not.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

Changed the logic to accommodate if 100rel is not in the required header, it is validated in supported header.
51SBX-89320 / SBX-888822

Portfix SBX-88882: A 200 OK INVITE received immediately after a UPDATE/200 OK gets stuck and the call fails. (Originated in release 7.2.1)

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to avoid using a tone swap when a 200 OK INVITE is received immediately after a UPDATE/200 OK.
52SBX-89288 / SBX-882202

Portfix SBX-88220: SBC system configuration: sysctl variables, hardening. (Originated in release 8.1.0)

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

Implemented security hardening measures to load the Yama security module at startup to block non-child tracing by ptrace.
53SBX-886651

NAPT not learning due to a delay in media being received. NAPT is learning for 1sec for a re-INVITE and after the learning, the previously learned address is returned to NRMA (which does not work for end changes).

Impact: N/A

Root Cause: NAPT not being learnt due to delay in media being received. NAPT is learnt for 1sec only for a re-INVITE and after that the previously learned address is returned to NRMA ( which doesn't work in this case as far end changes it's IP:PORT ).

Steps to Replicate: For re-INVITE send media after 1/2 seconds and see that napt learning is restarted after timer expiry.

Platform/Feature: SBC

The code is modified to restart NAPT learning again after a timeout for re-INVITE.
54SBX-89284 / SBX-892021

Portfix SBX-89202: When ISUP/QSIG message body is present in the OOD requests, the SCM coredump occurs since the hSipCallHandle will not be present. (Originated in release 8.1.0)

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

Added a Null check for hSipCallHandle.
55SBX-889742
An OOD MESSAGE Request with the same CSeq and different from tag for a challenged request will be rejected with an 482 Loop Detected.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC
OOD MESSAGE Request with same CSeq and different from tag for a challenged request is processed automatically.
56SBX-89336 / SBX-882212

Portfix SBX-88221: High auditd activity is causing disk issues and registration failures on the SWe. (Originated in release 6.2.4)

Impact: N/A

Root Cause: High activity of auditd was mainly caused due to flooding of MAC_IPSEC_EVENT messages in /var/log/audit/audit.log

Steps to Replicate:

1. run ipsec.sh script
2. Simultaneously, on another session, try "mpstat -P ALL 1", verify that high values of %iowait are not found
3. If high activity of auditd is still causing issues, auditing can be stopped using "set oam eventLog platformAuditLogs state disabled"
4. After disabling auditd, verify that auditd has been disabled, using "auditctl -s" and "systemctl status auditd"
5. Also verify that audit messages are not being logged in /var/log/audit/audit.log and /var/log/messages

Platform/Feature: SBC

Added an audit rule to exclude MAC_IPSEC_EVENT messages from being logged by the auditd.
57SBX-889891

R-URI userpart is incorrect when the ToHeader Transparency is on and with registration. 

Impact: N/A

Root Cause: Logical error.

Steps to Replicate: N/A

Platform/Feature: SBC

The R-URI is based on contact received from an IAD registered end point.
58SBX-893022

Application can fail to start if the name chosen for the SBC ends with "net". 

Impact: N/A

Root Cause:

In implicit registration case, SBC fails to unsubscribes with PCRF during De-Registration and that results in PCRF keep on sending notifications to SBC
even after De-registration and that result in coredump(Because SBC tried to access Registration Control Block which is given by callback function which does not exist)

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to handle the SBC names ending with "net".
59SBX-887431

The SCM Process cores when receiving notifications from the PCRF, which does not exist on the Registration Control Block.

Impact: N/A

Root Cause:

In implicit registration case, SBC fails to unsubscribes with PCRF during De-Registration and that results in PCRF keep on sending notifications to SBC
even after De-registration and that result in coredump(Because SBC tried to access Registration Control Block which is given by callback function which does not exist)

Steps to Replicate:

1. Enable Rx feature and signallingPath flag on access TG
2. Run implicit Registration
3. Send De-Register request


Platform/Feature: SBC

The code is modified to terminate the RX session on receiving De-Registration, so that the PCRF does not send any notifications to the SBC. A fix is added to handle notifications received from the PCRF that the Registration Control Block does not exit. 
60SBX-90034 / SBX-744702

Portfix SBX-74470: SIP (LM) -> GW call (x-fer on this side) - call is torn down. (Originated in release 6.2.4)

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC: Gw-Gw, Media Resource Management

The code is modified to define a new NRMA state, for conditional assignment of the state, and faking the answer when required, to avoid the timer expiry. 
61SBX-89983 / SBX-899813

Portfix SBX-89981: Contact Transparency issue(HTP) for a Late Media Invite is not working as expected when excluded methods are configured. (Originated in release 8.1.0)

Impact: N/A

Root Cause:

When Excluded methods is configured and Late Media INVITE is received, we are checking the transparancy bits for Contact before
actually calling the CopyTransparancyContent where transparancy bits are actually set.

Steps to Replicate: Enable Contact transparency with HTP and exclude methods as below and execute call flow as mentioned in description.

Platform/Feature: SBC

Added a fix for calling the parameters SipSgCheckAndSetContactHeaderTrasparency after SipSgCopyTransparencyContent.
62SBX-90044 / SBX-759692

Portfix SBX-87984: RCA: web server leaks a private IP address through its HTTP headers. The web server will expose internal IP addresses that are usually hidden or masked behind a Network Address Translation (NAT) Firewall or proxy server. (Originated in release 8.0.0). 

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC: EMA, Security

The header is edited before sending the response from Apache 2 server.
63SBX-866893

A change in the return code for Platform REST API calls for passwords mismatch.

Impact: N/A

Root Cause: In case of password mismatch, Platform REST API was returning status code 200 with error message. Which is not correct for authentication.

Steps to Replicate: Login into platform manager with wrong password, response should come with 401 status code and error message.

Platform/Feature: SBC

To fix this issue, set the status code to 401 for authentication.
64SBX-865862

SIPSG_GET_DMINFO_RPY_MSG is not sent when the DM Info is not sent. The SCM lookup times out after 1 second and the 200 OK is released after 1 second.

Impact: N/A

Root Cause: It is the day one behavior of Direct Media Anti-trombone feature.

Steps to Replicate: N/A

Platform/Feature: SBC

SIPSG_GET_DMINFO_RPY_MSG is sent irrespective of whether the DM Info is present or not.
65SBX-893772

When the Enhanced Dynamic black list feature is configured for a Receipt of message event type, the ScmProcess leaks memory.

Impact: N/A

Root Cause: When Enhanced Dynamic black list feature is configured for Receipt of message, ScmProcess allocates memory for ICM message but do not free the memory.

Steps to Replicate: Execute the DM Anti-trombone call flow so that two calls hits different SCM's.

Platform/Feature: SBC

The code is modified to ensure the ScmProcess frees the memory allocated for the ICM Message carrying the Dynamic black list feature data.
66SBX-900882

Subscription information is lost on an SBC switchover in a particular direction.

The NOTIFY request is rejected with a 489 Bad Event message after a double switchover.

Impact: N/A

Root Cause: Ingress and Egress transparancy profile *present* bits was not set in Relay CB because of which they are not getting mirrored during second switchover.

Steps to Replicate:

1. Register and Subscribe from Active Machine.
2. Do a switchover so that Standby machine becomes active.
3. Do a switchover again so that Active machine becomes active again.
4. Now send Notify from core.

Platform/Feature: SBC


The code is modified to allow a successful double switchover.
67SBX-90128 / SBX-889963

Portfix SBX-88996: As, the single character search is an exhaustive search operation which would in turn consume more time and space , the browser witnesses Timeout Exception due to which the blank screen is rendered to the user. (Originated in release 6.2.4).

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC: EMA

The code is modified to avoid and disallow single character search by rendering an appropriate error message to the user if the input does not match the criteria entered.
68SBX-90204 / SBX-901953

Portfix SBX-90195: A transport parameter is transparently sent when the Request-URI transparency is enabled for all messages. (Originated in release 8.1.0).

Impact: N/A

Root Cause: As prat of transparency support for Request URI, this parameter was transparently sent which shouldn't be sent.

Steps to Replicate:

1. Enable transparency for Request URI.
2. Make a TLS-UDP or TCP-UDP call with transport parameter in Request URI.
3. Transport parameter will sent transparently though the call is UDP in egress leg.

Platform/Feature: SBC

The code is modified to remove the transport parameter in a request URI when request URI transparency is enabled.
69SBX-90042 / SBX-763933

Portfix SBX-76393: The CPX process was timing out when requests were made for specific rows in an interval statistics table, only used to populate the statistics tar file. (Originated in release 6.2.4).

Impact: N/A

Root Cause:  Interval statistics tables that are used only to populate the statistics tar file do not support requests for individual rows, and those requests time out.

Steps to Replicate: N/A

Platform/Feature: SBC: confd

The code is modified to return a request immediately with no data.
70SBX-898771

For registration, the 200OK has the service-route, and the flag Stored service route enabled. If the Server sends multiple notifications without a record-route before the Subscribe is stable, the SBC may core due to duplicated freed memory.

Impact: N/A

Root Cause: SBC may core due to duplicated memory free.

Steps to Replicate: Test: ~stran/sipp/sippc_89788.xml and sipps_89788.xml

Platform/Feature: SBC

The code is modified to correctly initiate a NULL pointer after the memory is freed.
71SBX-88048 / SBX-873211

Portfix SBX-87321: Sip Parser has predefined method length restriction set to 128 and a negative test case in Codenomicon test suite with a method including more than 128 characters is resulting in a coredump. (Originated in release 8.0.0).

Impact: N/A

Root Cause:

1)When ever CSEQ method name comes beyond 127 character size and SMM profile is applied, SBC taking box down as it is missing boundary condition

2)When From Tag is missing in Dialog scope variable data, SBC taking box down as it is missing NULL check

Steps to Replicate: N/A

Platform/Feature: SBC

Added software checks to enforce upper limit as well as NULL termination

72SBX-92225 / SBX-757152

Portfix SBX-75715: The SCM reports a deadlock when multiple set operations are committed. The feature previously worked in earlier releases and does not work in 7.x releases. (Originated in release 8.0.0).

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC: CLI

A check is added in the CPX to limit the maximum number of trunkGroups set per commit to 2 to avoid a SCM process core dump due to a healthcheck timeout.
73SBX-881292

Registrations with a syntax error cause an incorrect REG counter.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to update the TRM and SIPFE correctly.
74SBX-89592 / SBX-892202

Portfix SBX-89220: The 200 OK is not being sent for call HOLD when the sdpAttributeRelay is enabled on the Trunk Group. (Originated in release 8.1.0).

Impact: N/A

Root Cause: Setting this flag SIP_SDP_CTRL_IS_CHANGED_SDP and properly not resetting it is causing the issue

Steps to Replicate: Run a Audio Video call and UAS sends the answer with Audio and Video(Stream disabled). Send the hold invite with change in datapath mode, 200 OK for this is not being sent.

Platform/Feature: SBC

The code is modified to reset the flag SIP_SDP_CTRL_IS_CHANGED_SDP when there is change in the Session Attributes.
75SBX-882533

The PSX Name field is not being populated in CDR's.

Impact: N/A

Root Cause: Code was missing to handle the PSX name and copy to CDR's

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to include the PSX name in the CDRs.
76SBX-902501

When "show status addressContext <addressContext_name> ipsec ipsecSaStatistics" and "show status addressContext <addressContext_name> ipsec ipsecSaStatus" commands are run and the IPSec is configured, the IKE Process will leak memory.

Impact: N/A

Root Cause: Memory leak occurs because of double allocation of key and value buffers which hold IKE statistics.

Steps to Replicate:

Configure IP SEC AKA on SBC.
Run valgrind.
show status addressContext <addressContext_name> ipsec ipsecSaStatistics.

show status addressContext <addressContext_name> ipsec ipsecSaStatus
Make sure AKA is configured and working correctly.
Check valgrind output.
Certain blocks of size 664 and 16 will be shown.

Platform/Feature: SBC: IPSec, SIP

The code is modified to ensure buffers are allocated once when generating the IPSec IKE statistics.
77SBX-903641

[SMM] The Scm process core dumped while modifying the URI scheme.

Since the stHdrString is not MemZero and when we try to free the memory which is junk, coredump occurs.

Impact: N/A

Root Cause: The core dump was observed as memory of few structures were not memzero.

Steps to Replicate: N/A

Platform/Feature: SBC: Application

The code is modified to add a MemZero to the structures.
78SBX-905102

The call setup time under the currentCallStatistics output was not calculated correctly.

Impact: N/A

Root Cause: The code was incorrectly managing the cumulative total for this field and dividing it by 100.

Steps to Replicate: Make multiple calls with a delay between sending INVITE and receiving 18x message and check the call setup time is correct.

Platform/Feature: SBC

The code is modified to simply keep a total of the number of ticks. For example, 100ths of a second for each call.
79SBX-899963

In old scenario, using ':' for separation between attribute name and value.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

Code was added to read the file properly if instead of ':', the file uses double quotes (") as a separator.
80SBX-903931

When the saveCallFlows is enabled, and only Out of Dialog Messages are received, a memory leak occurs.

Impact: N/A

Root Cause: Packets without a GCID associated with them are stored in a queue until a packet is sent or received with a GCID

Steps to Replicate: N/A

Platform/Feature: SBC

When the queue of packets exceeds the saveRecentCallFlowsInMemory maxMemoryUsage, the oldest entries are purged.
81SBX-901801

When the SIPT library was returning a DISCARD_MSG event to SIPSG while trying to send out a message, it results in the call being released if the MIME disposition was required.

Impact: N/A

Root Cause: If the SIPT library returns DISCARD_MSG there is no need to release the call.

Steps to Replicate: Make a SIPT to SIPT call where the ingress revision is spirou and the egress revision is itut92+ and send a CPG message with the event indicator of 5 in the backward direction.

Platform/Feature: SBC

The code is updated to not release the call if the SIPT library returns DISCARD_MSG while sending out a message.
82SBX-873421

During the long load run, a few 503 responses are seen from the SBC.

Impact: N/A

Root Cause: The issue is seen because of SBC wrongly identified INVITE PDU type as OTHER and not INVITE only in the case when first partial PDU received over TCP as fractional INVITE word.

Steps to Replicate: In long load run over TCP on ingress side.

Platform/Feature: SBC

The SBC corrected the pre-parsing logic in partial PDU cases, when the INVITE word received in first partial PDU is fractional and rest of the PDU in a second partial PDU.
83SBX-90526 / SBX-903791

Portfix SBX-90379: Pathcheck process currently supports 32 DNS records, whereas the DNS client supports 100 so there was a mismatch and this pathcheck process crash was seen when there are more than 32 records. (Originated in release 8.1.0).

Impact: N/A

Root Cause: PathCheck process crash was seen due mishandling of the records when the number is more than 32.

Steps to Replicate:

1. Configure patch check profile to IP peer to send OPTION sip message as ping.
2. Patch check host name peer as FQDN.
3. TCP fallback enabled for DNS server configuration.
4. TC flag set coming from DNS server, which basically indicates that DNS response is truncated.
5. DNS reply has more than 32 SRV records.

Platform/Feature: SBC

The Maximum records supported in a pathcheck is increased to 100, so that it will be in sync with a DNS client.
84SBX-904253

During registration failures, and peer tries to register again, the SIPFE and SIPSG may become out of sync.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

SIPS is no longer responsible to answer the re-transmissions and the application directly handles the answer to avoid an out of sync registration.

 
85SBX-902312

The SCM may core while processing SIP INVITE headers.

Impact: N/A

Root Cause: The received INVITE message is not as per RFC 5626 that requires +sip.instance to be followed by a value.

Steps to Replicate: N/A

Platform/Feature: SBC

A NULL pointer check is added to avoid a core dump when far end SIP endpoints are not following the standard.
86SBX-856751

When invoking an API with an input param, the input params were not getting validated because the validation code was not present for the rest of the API input params.

Impact: N/A

Root Cause: When we were invoking any rest API with some input param. Input params were not getting validate because validation code was not present for rest API input params.

Steps to Replicate: Call rest API using curl command with invalid input params value.

Platform/Feature: SBC

A new class is added to validate all the API input params to fix this issue.
87SBX-864252

The mgmtRedundancyRole is displaying Unknown instead of active/standby.

Impact: N/A

Root Cause: SmaGetMgmtRedundancyRole() which returns the mgmtRedundancyRole is returning rgmRedundancyRole instead of redundancyRole

Steps to Replicate:

Run cli command: show table system serverStatus <system name> mgmtRedundancyRole

admin@CEGVM3> show table system serverStatus CEGVM3 mgmtRedundancyRole
mgmtRedundancyRole active;

Platform/Feature: SBC

Make the SmaGetMgmtRedundancyRole() return to redundancyRole instead of rgmRedundancyRole.
88SBX-865892

When there are multiple ipInterfaces in different subnets in an ipInterfaceGroup, the sipSigPort address can remain bound to an ipInterface with an unmatching subnet. The sipSigPort address does not move to an ipInterface with the matching subnet when the ipInterface with the matching subnet becomes enabled and in-service.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The signaling port address is properly relocated to an ipInterface with the matching subnet if the address is currently bound to an ipInterface in a different subnet.
89SBX-866532

When the packets are logged as part of the SBC Packet Collector for Core Dump Analysis functionality, if there are SMM rules applied to those packets, the packets are not stored after the SMM rules have been applied.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to save the packets after SMM rules have been applied.
90SBX-856761

The user was able to read any file from the under-privilege REST user through a GET request.

Impact: N/A

Root Cause: In old scenario, input sanitization for rest call parameters not present.

Steps to Replicate: N/A

Platform/Feature: SBC

The input sanitation is added to verify the REST call before executing the API.
91SBX-76813 / SBX-708083

Portfix SBX-70808: It is not possible to use the EMA "Test SIP Adaptor Profile" or a CLI command "request profiles signaling sipAdaptorProfile getDigits testProfile" to test an SMM rule that manipulates an ISUP MIME body, because these mechanisms only support ASCII characters and the MIME body is binary. (Originated in release 8.0.0).

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The CLI command is extended to allow processing of files contained binary MIME bodies. Processing of the inputPduString option and the EMA text screen is changed to only support the ASCII. 
92SBX-862772

The packets are captured out of order. Though all packet data is present in memory, the packets are not stored in the proper order.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to capture the packets in the correct order.
93SBX-868522

/home/log/session directory has a record of the terminal session logs for all the users and the directory is world-writable without being set. 

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to set sticky bit for /home/log/session directory.
94SBX-859972

A user is not able to create a group starting with '.'

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to not take groups starting with '.' as input, and to delete the groups staring with '.' at the time of the LSWU.
95SBX-874473

The OS user linuxadmin was not getting the shortened lockout time of 10 seconds, when the OSAccountAging goes from being disabled to enabled.

Impact: N/A

Root Cause: Misspeliing in command to update the PAM config files.

Steps to Replicate: N/A

Platform/Feature: SBC

The passwd.sh script is updated to correct the incorrect spelling.
96SBX-871012

The Packet Loss Threshold is not set properly in the NP, so the NP will report a packet loss incorrectly.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

Extract the pktLossThreshold setting from a proper location in the enable media API in the SWeNP code.
97SBX-859883

When the To header transparency and call route by TN is on, the R-URI is uncorrected.

Impact: N/A

Root Cause: Incorrect logic to treat RURI as transparency.

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to not treat R-URI as transparent.
98SBX-874611

When the DRM (Application) is not receiving the response from the UXPAD for the health check messages, the DRM sends SIGABRT signal to the unresponsive UXPAD (using the UXPAD process number) to generate a coredump. 

Impact: N/A

Root Cause:

While we get the PID of the Process using the UXPAD process number, we were not searching for the exact match.
If the UXPAD number is 1, it matches all the UXPADs/TPADs that have 1 in their process number ex: 1, 10, 11, 12, 21 etc, and the SIGABRT signal was sent to all those processes.

Steps to Replicate:

This issue can be produced with instance having more than 10 UXPADs.
We don't need to run calls to reproduce this.

Kill UXPAD with process number 0 or 1.

Get the PID of the desired UXPAD
> ps -elf | grep UXPAD
(/opt/sonus/bin/swe/SWe_UXPAD -c 0x8 -n 1 --proc-type=secondary --no-pci -- -c4 -t1)
choose the PID with process number 0 to 1 (process number is the last field "-t<process number>" in the output when the above command is executed).

Kill the UXPAD.
> kill -9 <PID>

Since the UXPAD was killed, the DRM does not get the response for the health check messages and it issues the SIGABRT Signal.

Without this fix the coredump gets generated for the wrong UXPAD that matched the process number (not exact match)
With this fix it does not generate the core as the desired UXPAD was not live.

We can monitor these logs in "/var/log/syslog", search the relevant messages with the keyword "coredumpSweDsp"
Also we can check cores dumps in "/var/log/sonus/sbx/coredump"

Platform/Feature: SBC

Search for the exact match while the admin retrieves the PID of the Process.
99SBX-858072

Privilege Escalation by www-data on the SBC (Runtime Diagnostics Test).

Impact: N/A

Root Cause: runDiagField.sh has sonusadmin ownership and can be modified by sonusadmin to escalate to root.

Steps to Replicate: N/A

Platform/Feature: SBC

Updated the permission and ownership of /opt/sonus/sbx/diags/runDiagField.sh from the (-rwxr--r-- 1 sonusadmin sonus) to (-r-xr----- 1 root sonus) through the updateOwnerAndPermissions.sh.
100SBX-874522

When the configuration for the connected realm (Address Context > Realm > Connected Realm) is created and the realm name used already exists, the code was reading off the end of a memory buffer.

Impact: N/A

Root Cause: The code was using a memory copy routine which always copied a fixed amount of memory regardless of the string size that existed in the source memory location. This lead to reading off the end of the memory buffer.

Steps to Replicate: This issue is only seen when using special ASAN images

Platform/Feature: SBC

The code is updated to use a string copy instead of a memory copy functions to avoid reading off the end of the memory buffer.
101SBX-871401

First, a DNS query was getting initiated through the mgmt even if the IP was configured. The Patchchk process core dumps when the truncated DNS response is received from DNS server.

Impact: N/A

Root Cause:

As default static routes are configured and mgmt. get the preference, that's the reason DNS query was initiated via mgmt. interface.
Ptachcheck process core dump was happening because of its inability to handle truncated DNS response.

Steps to Replicate:

1. configure patch check profile to IP peer to send OPTION sip message as ping.
2. Patch check host name peer as FQDN.
3. TCP fallback enabled for DNS server configuration.
4. TC flag set coming from DNS server, which basically indicates that DNS response is truncated.

Platform/Feature: SBC

The Static route for the IP interface to the DNS server is provided, which solves the problem of the DNS query not going through the IP interface. 
102SBX-878622

The SecureNAT does not learn the remote IP address.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The prefix match result of the received srcIP against the programmed srcIP is in Big Endian format, so it needed to be byte-swapped to Little Endian format.
103SBX-881682

SIPS/SIPSG: The 200 Ok (connect) is not sent to the ingress, and ACK is not sent to the egress, when a call is handled using a custom call script.

After the announcement script run is completed, the CC confuses the script as a multiparty call transfer script and not telling the ingress to connect the call (send 200OK).

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modifed to allow the CC to inform the ingress to connect the call after the custom call script completes.
104SBX-87527

The SBC allowed a user to use the same IP address for a route next hop that caused a loss of traffic to all off-net peers across the SBC interface.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to validate that static route's next top IP address is not same as IP interface's altMediaIpAddress.
105SBX-851322

For sRTP call, the SBC does not reset the ROC while doing an sRTP encryption, even if the SSRC changes. This may cause the remote decryption operation to fail on some 3rd party equipment.

Impact: N/A

Root Cause: The fast path design wasn't paying attention to the SSRC changes while doing sRTP encryption operation.

Steps to Replicate:

This specific fix has been tested/verified in unit-test environment. The following is not required, but just for the sake of completeness:

Set up an sRTP call, run it for 25 minutes, make sure there is two-way audio.
Without signaling it, force a change to the SSRC on one side
check if there is one-way audio.
Repeat the above step with 6.2.0R0 and 6.2.3A16.

Platform/Feature: SBC

The code is modified to remember the SSRC from the last RTP packet, and comparing it with the SSRC of current RTP packet before sRTP encryption is applied. If a change is detected, the ROC is reset to 0 before sRTP encryption is applied.
106SBX-881972

An internal module's passphrase generation method was not strong.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to use a stronger method.
107SBX-888352

The SBC, while trying to create DM NAPT table (after retrieving the details from the Database), was trying to read the end of a memory block for some of the parameters in the table (such as table name, etc).

Impact: N/A

Root Cause: While copying the different parameters from the database to DM NAPT table, the code was copying fixed size table name string. This might result in reading off the end of a memory block and if the memory block is at the top of the heap then it can cause invalid memory access and result in crash.

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to not copy more memory than required, to hold the table name of the DM NAPT table to then avoid reading invalid memory.
108SBX-86712 / SBX-759432

Portfix SBX-75943: When an video+audio directmedia call with m=audio after m=video in the SDP is made (audio becomes the last stream), the LIF bandwidth is allocated though it is a DM call.(Originated in release 8.0.0).

Impact: N/A

Root Cause: In nrmaResAlloc.c, the code to set the session BW to 0 (xrmBwChangeCmd.sessionBwBps = 0) is never processed for audio since it is inside a block meant for non-audio streams.

Steps to Replicate: N/A

Platform/Feature: SBC

A loop is added to save the streamId of the last non-audio stream. The code is modified to check if the audio is the last stream to be a part of this. An additional check is added to reset the session BW to 0 for the last non-audio stream for a direct media call, if the audio is found to be the last stream. 
109SBX-89773 / SBX-890892

Portfix SBX-89089: If a name change operation is performed to swap any of the two system names (CE name or peer CE name), the SBC application may fail to start. (Originated in release 8.1.0).

Impact: N/A

Root Cause: There are some config files where there is no distinction between the key used for specifying the system name and CE names. A swap in such a file cannot be done correctly.

Steps to Replicate: N/A

Platform/Feature: SBC

The name change operation is enhanced to reject any name change operation that involves swapping any of the two system names (CE name or peer CE name).
110SBX-864861

The I-SBC does not span across multiple vNUMA nodes, causing a SWe_NP failure to launch.

Impact: N/A

Root Cause: The failure happens due to improper allocation of hugepages for SWe_NP in case it is dual NUMA ,failing SWe_NP to come up.

Steps to Replicate: Follow the guidance to restrict ISBC to be confined within same NUMA in which packet port is connected.

Platform/Feature: SBC

The SWe SBC software is updated to enforce I-SBC instances to run only with single vNUMA node in order to achieve deterministic performance.


111SBX-89996 / SBX-895863

Portfix SBX-89586: Loading the TEAMS Template token from the EMA is not working. The Token load option does not load values into the template. No action is triggered even after clicking the Token load. (Originated in release 8.1.0).

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

Updated the code to successfully load the token and display the value corresponding to the attributes.
112SBX-901573

The radiusSharedSecret may appear in plain text in the logs.

Impact: N/A

Root Cause: Debug print statements caused the passphrase to be written to the logs.

Steps to Replicate: N/A

Platform/Feature: SBC

The code printing the plain text passphrase is removed.
113SBX-90515 / SBX-902893

Portfix SBX-90289: The SBC cored after swapping a name (CE and System) and performing a clearDb action. (Originated in release 8.1.0).

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to compare all system names against each other before accepting a name change, and then generate a warning, when applicable.
114SBX-904153

Currently, all filters are not displayed for tables such as Call Detail Status, Call Media Status, and Call Resource Detail Status.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to display filters for all columns in the tables.
115SBX-903231

In case of SUBSCRIBE Relay refresh, the the R-URI must be based on the last Contact received if the first route set has the lr parameter.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The logic is changed based on the RFC3261.
116SBX-90789 / SBX-900854

Portfix SBX-90085: When special character inputs are used for the call number filter in the CDR viewer table, the input validation fails and the page keeps showing the table as 'Loading...'. (Originated in release 6.2.4 ).

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified so the user can filter the called number data in CDR Viewer table, with numbers and few special characters such as #, *, +, -

117SBX-883192

When history info header is received and International Nature of Address (NOA) Plus flag is enabled, the NOA printed in CDR log is incorrect. The NOA for the original called and redirecting number must be set to International.

Impact: N/A

Root Cause: When history info header is processed , International Noa Plus flag is not considered.

Steps to Replicate:

Reproduce the issue by
Enabling following 2 flags :
History Info on Ingress SIP TG.
International Noa Plus

Send INVITE with
History-Info: <sip:+442071899987@telekom.de;user=phone?privacy=history>;index=1
History-Info: <sip:+442071900059@telekom.de;user=phone;cause=302>;index=1.1

Actual Result in CDR ACT logs :
REDI,20,442071899987,442071899987,3,3,1,1,1,2,,,,,,,,,,,0,2

Expected Result:
REDI,20,442071899987,442071899987,3,3,1,1,1,3,,,,,,,,,,,0,3 --> two HI

Difference is NOA parameter for redirecting original called number. It should be 3.

Platform/Feature: SBC

The code is modified to check International NOA Plus flag before setting NOA for the original and redirecting number when the history info header is received.
118SBX-903082

When LRBT is enabled for an ICE call and egress, the endpoint responds to initial INVITE with an 183 progress message with the SDP parameters followed by an 180 without the SDP and a 200 OK with the SDP. Following the local ring back tone, the SBC initiates re-INVITE to the egress endpoint that is missing ICE ufrag, password and RTCP candidate line in the SDP.

Impact: N/A

Root Cause: Error in the software that was causing the ICE information for the call to be incorrectly cleared in this particular scenario.

Steps to Replicate:

Create sbx configuration to allow ICE sip to sip call to be routed between ingress and egress TG's.
Create a toneAndAnnouncementProfile for LRBT with dynamicLRBT disabled and associate the profile to the ingress and egress TG's.
Enable rtcpMux on the PSP associated with the ingress and egress TG's

Method
----------
1. Send INVITE to SBX ingress with valid ICE SDP including rtp and rtcp candidates and a=rtcp-mux.

2. From egress endpoint, respond to INVITE with with following sequence
183 Session progress including valid SDP with ICE
180 Ringing without an SDP
200 OK including valid SDP with ICE

3. At ingress endpoint,
Respond to 200 Ok with ACK
At egress endpoint,
Respond to re-INVITE with valid 200 OK

Complete call signaling and stun exchange at ingress and egress

Platform/Feature: SBC

The software is modified to not clear the ICE information in this scenario.
119SBX-858203

CDR records are broken into multiple syslog messages.

Impact: N/A

Root Cause: There was a limit to the message size of ~1.8K and CDR messages beyond that would be split into multiple syslog messages.

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to transfer a complete CDR as one syslog message.
120SBX-907622

During SMM testing, the code for handling message scope variables could read off the end of a memory block while printing a debug statement.

Impact: N/A

Root Cause: There was a limit to the message size of ~1.8K and CDR messages beyond that would be split into multiple syslog messages.

Steps to Replicate: N/A

Platform/Feature: SBC

The specific debug log line is deleted because there was a second debug line that is already printing from null terminated string.
121SBX-901232

If a domain license is installed on the head end node, but the license is pushed out to another node more than an hour later, the push of the license is not successful.

Impact: N/A

Root Cause: N/A 

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to allow the push of the domain licenses to other nodes, if it has been successfully installed on another node of the cluster before.
122SBX-905102

The call setup time under the currentCallStatistics output was not calculated correctly.

Impact: N/A

Root Cause: The code was incorrectly managing the cumulative total for this field and dividing it by 100. 

Steps to Replicate: Make multiple calls with a delay between sending INVITE and receiving 18x message and check the call setup time is correct.

Platform/Feature: SBC

The code is modified to keep a total of the number of ticks. (i.e. 100th's of a second for each call).
123SBX-851362

Software Update fails if an snmp trapTarget with a name containing white-space characters is configured.

Impact: N/A

Root Cause: A change was added to remove prefixes on trapTarget names during software update. This change does not work with names containing spaces, which is possible when manually creating a trapTarget from CLI only.

Steps to Replicate: On old software, manually create a trapTarget from CLI with a name containing at least one white-space character - to do this, the name must be quoted.
Then perform LSWU - this fails.

Platform/Feature: SBC

The LSWU code is modified to deal with trapTarget names containing whitespace.
124SBX-900613

The function SipSgContinueCallProcessing() acquires pstCall using SipCallFromHandleAndLockCCBCmd() and after use, the function was not releasing pstCall, causing memory leaks.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to release pstCall using SipUnLockAndReleaseCCBCmd() after a use.
125SBX-914643

When the HA peer is upgraded, the upgrade screen shows an error pop up with "Internal Operation error session_start" content.

Impact: N/A

Root Cause: It was happening because of cnxipm directory was deleted and not able to create again, meantime system was trying to session under cnxipm director.

Steps to Replicate: To reproduce this issue, we have to upgrade the system in HA peer mode.

Platform/Feature: SBC

The code is modified to check to create cnxipm directory.
126SBX-734512

SNMP v3 doesn't work after the upgrade/restore.

Impact: N/A

Root Cause: SNMP version is not applied after upgrade/restore

Steps to Replicate: N/A

Platform/Feature: SBC: confd, Install/Upgrade Platform

The upgrade/restore version is applied after the SBX starts from the incoming configuration database.
127SBX-914041

There is One way audio after call transfer is made on the SWe when Ring Back is enabled with SRTP towards the MS TEAM to relay it back to PSTN behind the SBC. 

Impact: N/A

Root Cause: With this call transfer BRES is deactivated, activated again, while reusing BRES associated SRTP ENC context it should retain the old required values in contexts, which is missing in SBC SWe

Steps to Replicate: N/A

Platform/Feature: SBC

With these session modification flows, the NP code is modified to retain the enc contexts required for re-enabling so the endpoint can start accepting media.
128SBX-913332

An Application on active may crash when the HA connection is frequently bouncing.

Impact: N/A

Root Cause: If the HA connection bounces while an scp operation is in progress then the copying gets stalled resulting in health check timeout in application in turn causing a crash suspecting deadlock.

Steps to Replicate: N/A

Platform/Feature: SBC

The SCP operation is completed in the background thread to ensure there is no timeout on the health check.
129SBX-912242

The SBC is using the surrogate Registration hostPart as the target FQDN. 

Impact: N/A

Root Cause: surrogate hostPart is over-write egress IpPeer fqdn (target route)

Steps to Replicate:

1. configure surrogate registration with hostPart.
2. configure Egress route as fqdn (Egress IpPeer is fqdn).
3. enable surrogate registration.


Platform/Feature: SBC

The code is modified to not over-write egress IpPeer fqdn(target route) with the surrogate hostPart.
130SBX-91322 / SBX-894913

Portfix SBX-89491: If a split-brain occurs prior to the standby being up and being fully synced, selecting the former standby as the leader when coming out of a split-brain will result in a complete outage. (Originated in 8.1.0).

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

 Platform/Feature: SBC

The enhanced GR-HA leadership algorithm is updated to take the standby's sync state into account when deciding if the former standby is to be the post split-brain leader.
131SBX-908972

The template form on the Configuration Script and Template Import page is not getting displayed due to some failure. 

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to display the Configuration template form properly when a Configuration is chosen from the table. The Configurations list table is always displayed first when 'Create Configuration from Template' is clicked.
132SBX-912262

Unable to upload configuration in the SBC in the Provision Management.

Impact: N/A

Root Cause: unable to create export directory to store configuration file.

Steps to Replicate:

  1. Logged in to ems gui as admin user
  2. Switch to Networks tab
  3. Go to provisioning
  4. Clicked on SBC Core under provisioning
  5. Clicked on upload configuration
  6. Provided the required configurations.
  7. Clicked on upload.
  8. Before fixing the issue --
  9. Configuration did not got uploaded.
  10. After fixing the issue ---
  11. Configuration uploaded successfully.

Platform/Feature: SBC

The code is modified to create export directory to store the configuration file.
133SBX-911453

DSP card present status is not updated if the card is administratively disabled.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to monitor the DSP card presence status every 10 seconds, irrespective of the card being disabled or enabled.
134SBX-905812

When using EMA and accessing the Call Trace/Logs/Monitors > Log Management > TShark, the screen does not list the files if there are more than 130 files in the directory.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to correctly cope when a large volumes of pcap files are present.
135SBX-911312

Serialization errors are logged in the SYS log for type 137603, which points to CPC_OP_TYPE_AC_ZONE_INFO, that in-turn caused the coredump.

Impact: N/A

Root Cause: Serialization errors are because of CPC_OP_TYPE_AC_ZONE_INFO (137603) not getting registered and trying to send it to standby SBC.

Steps to Replicate: Execute LSWU from any version above 7.2.1 R1 to any other above versions.

Platform/Feature: SBC

The registration issue for CPC_OP_TYPE_AC_ZONE_INFO (137603) is fixed.
136SBX-903882

The NRS task failed healthcheck when there was over 3000 status requests per minute.

Impact: N/A

Root Cause: NRS task was calling out to CONFD for each packet LIF status request.

Steps to Replicate: N/A

Platform/Feature: SBC: Application, confd

Updated the NRS packet LIF status request processing routine to retrieve address context ID from a local cache instead of calling out to the CONFD.
137SBX-90837 / SBX-899572

Portfix SBX-89957: In TR87 service (CSTA) call flow, INVITE transaction in SIP stack on ingress is not killed, the timer G expires and continues re-sending 200 OK to ingress. (Originated in release 6.2.4)

Impact: N/A

Root Cause: SBC is not killing INVITE transaction in SIP stack on ingress once we receive ingress ACK (to complete INVITE-200).

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to terminate the INVITE transaction on the receiving end of ACK.
138SBX-91048 / SBX-908463

Portfix SBX-90846: Memory leak due to the use of the delete operator. (Originated in release 8.1.0).

Impact: N/A

Root Cause: Memory leak due to use of delete operator

Steps to Replicate: N/A

Platform/Feature: SBC

Delete operator is used to deallocate the memory allocated via strdup() and is replaced by the delete operator with the free().
139SBX-91779 / SBX-915942

Portfix SBX-91594: When SBC-7000 is under high call load with RTCP termination and unstable traffic (reaching 10Gb traffic instantaneously), the Network Processors cores stall. Media traffic stops and PRS coredump is generated. (Originated in release 6.2.4).

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC: Firmware

Configure the work scheduler module so that UPF, DPF, UPP, DPP cores are guaranteed to have work occupy the in-unit work entry.
140SBX-908752

A bug in GW Signaling code can cause a core when the GW Signaling Links are bouncing.

Impact: N/A

Root Cause: A bug in GW Signaling code can cause a core when GW Signaling Links are bouncing.

Steps to Replicate: N/A

Platform/Feature: SBC

The GW Signaling code is modified to prevent a core .
141SBX-909791

Apache server is not running.

Impact: N/A

Root Cause: Missing library.

Steps to Replicate: Start apache server.

Platform/Feature: SBC: Platform

Apache server app is rebuilt with the required library.
142SBX-740333

When a logicalMgmtIpInterface is configured, and the useIpAddrAsSnmpSource is set to true. The source for snmp traps are the specified address in the logicalMgmtIpInterface ipAddress field. However, the source of the traps is not the correct address, and instead the address is of one of the management IP ports.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC: confd, Management, Platform

The flag snmpListenOnlyOnThisInterface is added to the logicalMgmtIpInterface configuration. The default value for this flag is set to false. When the flag is set to true, the confd daemon only listens on the address specified in the logicalMgmtIpInterface with useIpAddrAsSnmpSource set.
143SBX-903661

AppContextId within NRMA_CALL_PTR is not being synced to standby after a switchover. As a result, Wile bridging calls NRMA identifies the Id as zero and crashes.

Impact: N/A

Root Cause: AppContextId within NRMA_CALL_PTR was not being synced to standby after switchover.

Steps to Replicate:

1) Make a call between A and B
2) Switchover
3) REFER C
4) Swithover
5) REFER to wrong IP

No crash should happen

Platform/Feature: SBC

The code is modified to syncing AppContextId to standby.
144SBX-908762

Gencom client sends a 481 for call park retrieval INVITE. When an incorrect tag in Replaces header, it is sent through the SBC.

Impact: N/A

Root Cause: Also, When we do egress lookup when replaces call isn't connected yet, we are not finding CCB because of incorrect tag setting during lookup.

Steps to Replicate: Execute call park and retrieve case where parked call is not established yet.

Platform/Feature: SBC

The code is modified to merge an issue and egress lookup using the correct tags.
145SBX-917383

If the LinkDetection interfaces are configured to use addresses specified in the systemMetaVariable dynamic table, those addresses are not properly read and LinkDetection is not activated.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to properly read the addresses from the metaVariableDynamic table.
146SBX-874411

The Broadsoft AS returns the 403 for a REFER Request due to From and To tags are swapped.

Impact: N/A

Root Cause: "To tag" and "from Tag" were being swapped twice, resulting to their original respective values in outgoing REFER's Replaces header section.

Steps to Replicate: N/A

Platform/Feature: SBC

The SBC application code is modified to correctly populate the From tag and To tag values in outgoing REFER's replaces header section.
147SBX-904422

ARM calculates the amount of memory that needs to be freed from the NP (Y has a multiple of certain number of fixed sized PNPS_ANN buffers) to fit in a new announcement the size of a WavFile_X. Due to design size, Y is not equal to size of WavFile_X.

Impact: N/A

Root Cause: Customer hit this issue because they touched the max amount of announcements cached in the system. Probably no other customer did that and that’s why it never came out.

Steps to Replicate: Run customer flow with customer's announcements all dumped into system.

Platform/Feature: SBC

The code is modified (Y is modified to Y') so that new announcements are added properly.
148SBX-858581

The ACL rules in a non-default address context were not getting added back to the NP after a sbxrestart/reboot. Without this fix, the ACL rules configured in non-default address context do not work.

Impact: N/A

Root Cause: Root cause for this issue was iteration of rules list wasn't proper resulting in non-default address context rules not being added back after sbxrestart/reboot.

Steps to Replicate: This issue can be reproduced by adding some ACL rules in default address context and some in non-default address context, After a sbxrestart/reboot, only the rules in default address context work.

Platform/Feature: SBC

The code is modified to iterate the rules list in a correct fashion.
149SBX-883381
The Policy Data is showing a sync in progress.

Impact: N/A

Root Cause: /home/oraadmin/SSDB/PolicyDBSyncStatus was being removed by logrotate. When the new file was created by write process, it did not have the correct privs to be read by status reporting session, so the status reporting process wrongly reported sync in progress.

Steps to Replicate: Modified logrotate script should not remove /home/oraadmin/SSDB/PolicyDBSyncStatus file.

Platform/Feature: SBC
Stop the logrotate to remove this file.
150SBX-91054 / SBX-887661

Portfix SBX-88766: The improper value for RFactor was displayed under the CLI command: trunkGroupQoeStatus. (Originated in release 7.2.1)

Impact: N/A

Root Cause: This became broken as part of N:1 feature done in release 6.1

Steps to Replicate: N/A

Platform/Feature: SBC

The wrong context was fetched to calculate the RFactor value. The code is modified for the RFactor calculation.
151SBX-911861

In the case of status commands executed from the CLI, a request is sent to both active and standby nodes. An LVM running on active and standby nodes compares the CE name configured in the LDG with a server name and returns stats only for LDGs that are configured on that CE. However, there is no similar check in the case of a PF stat. Without the check for a PF stat,the statistics displayed for LDGs configured on standby node was not correct.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to compare the CE name and return stats associated with the LDGs configured on the respective nodes.
152SBX-914052

The cluster configuration for saveConfigStoreFile fails on the head end node due to a change of permission by keyKeeper.py. The sbcRegistration was not readable by the admin as a result of the configuration failure.

Impact: N/A

Root Cause: N/A 

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified and the admin is able to read the sbcRegistration.
153SBX-911861

Failure stats are not being printed in the SBC stats file while it is showing in "show table addressContext default linkDetectionGroupStatistics". The LDGs are configured on both active and standby nodes. An LVM running on active and standby nodes compares the CE name configured in the LDG with server name, and returns stats only for the LDGs that are configured on that CE. However, there is not a similar check in case of PF stat. In response, the statistics displayed for the LDGs configured on standby node are not correct.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to compare the CE name and return stats associated with the LDGs configured on the respective nodes.

154SBX-911141

The SRTP enables calls in the SWe SBC and causes the NP_Work_2 to sporadically crash and core.

Impact:

Root Cause: In SWe SBC, NP API updates are asynchronous w.r.t packet processing, If packet processing is accessing the API cleared pointer it result in crash.

Steps to Replicate: This is sporadic, running SRTP calls load can trigger this crash sometimes.

Platform/Feature: SBC

The SRTP SSRC update checks the in packet processing to verify whether the API updates cleared the reference to avoid null access.
155SBX-905942

The SBC was not sending the ACK to the 200OK for an INVITE after the 4th switchover.

Impact: N/A

Root Cause: Syncing of transferred calls to standby was not proper

Steps to Replicate:

1) Make a call form A to B
2) Switcover
3) Transfer from B to C
4) Switchover
5) Refer from C to D
6) Switcover
7) Refer from D to E
8) Call should be connected between A and E

Platform/Feature: SBC

The syncing is done in all states for transferred calls to remove the issue.
156SBX-89851 / SBX-870532

Portfix SBX-87053: The SBC fails to apply an ARS procedure on collecting a 503, with or without a Retry-After header when the FQDN is configured on the IP Peer. (Originated in release 8.0.0).

Impact: N/A

Root Cause: When FQDN configured on IP Peer, on getting 503 SBC should look for DNS resolved IP address, instead SBC looking at FQDN configured in IP peer and hence it fails to apply ARS.

Steps to Replicate:

1. Configure FQDN in IP peer
2. Enable uriPreference flag
3. Simulate UAS to reject INVITE with 503
4. SBC should apply ARS procedure on getting 503

Platform/Feature: SBC

The code is modified to have the DNS resolved IP address on collecting a 503 when the FQDN configured in the IP peer.
157SBX-890392

The System Diagnostics throws an error in Custom-> View Custom Perspectives through the xpath, which is incorrect.

Impact: N/A

Root Cause: Xpath was old must have been changed. Old xpath was not part of model.

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to point to the correct xpath.
158SBX-889944

The status of the Routing Label Route in a table shows as out of service, even if it is In service when created. The out of service status shows when the code picks the wrong data for validating the status.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to adjust the Routing Label Route Status, which was shown as Out of Service.
159SBX-88860 / SBX-859022

Portfix SBX-85902: Whenever there is any SMM rule for a SDP body, the SMM will remove all linear white space before and after the “=” character from each SDP line.The removal of the white space before and after the "=" character results in a SIP parse error when valid lines "s= " or "l= ". (Originated in release 8.1.0).

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified not to remove any spaces for an S and I Line when using the SMM.
160SBX-887163

Remove the plainText EMS Passwords from the userData/MetaData files in cloud. EMS plain text password cannot be present in the SBC, it must be replaced with hashes.

Impact: N/A

Root Cause: N/A

Steps to Replicate: N/A

Platform/Feature: SBC

The plain text password of EMS is replaced with encrypted passwords.
161SBX-878832

A call is torn down if the SendOnlyPreferred enabled.

Impact: N/A

Root Cause: The receive and transmit payload type for ULAW and ALAW are not correctly set.

Steps to Replicate:

sipp -sf /sonus/support/SBX-87883/scenario_0x00408a30_UAC.xml -s 890 172.23.243.230 -m 1 -i 10.7.20.75
sipp -sf /sonus/support/SBX-87883/scenario_0x00408a30_UAS.xml -p 16284 -i 10.7.20.75

Enable SendOnlyPreferredCodec and HOP and HRP.

Platform/Feature: SBC

The code is modified to correctly set the receive and transmit payload type for the ULAW and ALAW. The ULAW and ALAW does not use an asymmetric payload type and is used for adding the logic.
162SBX-88454 / SBX-872422

Portfix SBX-87242: When the DNS packets are received over a TCP, during the failure case (primarily when the length is less than 0 after a reading from the socket), there is no validation of the DNS TCB (Transaction Control Block) pointer while processing. (Originated in release 8.1.0).

Impact: N/A

Root Cause:

This issue was reported as part of ASAN testing in SBC lab.
When SBC is receiving packets/PDUs from DNS server via TCP, it does the following
1. Process the PDU (valid data received from TCP socket). Once the PDU is processed, the Transaction Control Block (TCB) maintained is freed.
2. For the same transaction, if some data is received with the length < 0, we check if the TCB exist to process the connection failure. Here we are not checking whether the TCB pointer is already freed (i.e. NULL) or not.

Steps to Replicate: N/A

Platform/Feature: SBC

A defensive check (to validate if the TCB pointer is NULL or not) is added before processing a connection failure.
163SBX-757371

The Nessus scan found multiple vulnerabilities (1 critical, 3 high, 2 medium).

Impact: N/A

Root Cause: Many packages are out of date.

Steps to Replicate: Run Nessus scan.

Platform/Feature: SBC: Application

The code is modified to upgrade the vulnerable packages.
164SBX-87367 / SBX-871822

Portfix SBX-87182: There is an error while importing a perspective having " - " in the perspective name. (Originated in release 6.2.4).

Impact: N/A

Root Cause: Missing Validation for checking unwanted and illegal characters in the file names.

Steps to Replicate: N/A

Platform/Feature: SBC

The code is modified to implement the logic to verify and ensure that only valid characters are present in the file names.
165SBX-87171 / SBX-865933

Portfix SBX-86593: An EMA Template fails to import the Config when Special Characters are present. (Originated in release 6.2.4).

Impact: N/A

Root Cause: Logic to escape the HTML Characters was used while reading the request parameters . (Java Escape HTML Logic was in place).

Steps to Replicate: N/A

Platform/Feature: SBC

The logic to escape HTML Characters is removed in the TemplateConfigServlet.java file.


Known Issues

Known Issues in 07.02.02R000

There are no known issues in this release. 

Known Issues in 07.02.01R002 

The following issue exists in this release:


Known Issues

Issue IDSevProblem DescriptionImpact/Workaround
SBX-877402

LI call not working when standby MSBC is upgraded.

Platform/Feature: SBC

Impact: Interception of LI calls fail during upgrade (for instance, when the setup has S-SBC and the M-SBC running on different versions). The impact is only for in-service upgrade. No impact with respect to LI calls, when the VNF is brought down and re-created for upgrade..

Workaround: No workaround available.

Known Issues in 07.02.01F001 and 07.02.1F002 Releases

There are no known issues in these releases.

Known Issues in 07.02.01R001 Release 

The following issue exists in this release:


Known Issues

Issue IDSevProblem DescriptionImpact/Workaround
SBX-880031

 If there are any PRACK drops and call fails, a memory leak occurs.

Platform/Feature: SBC

Impact: In the rare case where a PRACK for 18x is dropped and the call eventually fails, a small leak of SCM memory can occur.

Workaround: No workaround available.

Known Issues in 07.02.01R000 Release 

The following issues exist in this release:


Known Issues

Issue IDSevProblem DescriptionImpact/Workaround
SBX-85825 2

When a headend cluster configuration is pushed, the Standby SBC reboots and hangs without getting the Configuration.

When a Standby SBC is rebooted, it transitions to registered online then later unregistered offline. This also happens in #1, Standby reboot after Configuration is pushed.

Platform/Feature: SBC Core: EMA

Impact: When a headend cluster configuration is pushed, Standby SBC fails to download the configuration and so fails to come up properly.

Workaround: To resolve the above issue, the fill rate and bucket size needs to be increased in lca.py script and the Standby SBC system needs to be rebooted so that it can download the configuration again.

SBX-863542

CallMedia and CallDetailstatus do not show in the EMA during the load run.

Platform/Feature: SBC Core: EMA

Impact: Call details Status and Call Media Status are intermittently not visible in the EMA.

Workaround: Call details status and Call Media status can be viewed from CLI.

SBX-852282

Observed M-SBC reboot and PrsProcess crash during 30000 NP based tones playing.

Platform/Feature: SBC Cloud

Impact: Under load with 30,000 simultaneous NP tones playing M-SBC switches over. M-SBC system confirmed to perform fine up to 28,000 simultaneous NP tones.

Workaround: No workaround available.

Known Issues in 07.02.00R002 Release 

The following issues exist in this release:


Known Issues

Issue IDSevProblem DescriptionImpact/Workaround
SBX-850713

The SBC did not like the <4K size INVITE PDU since the maxPduSizeValue = 6K.

Platform/Feature: SBC

Impact: A PDU of a size less than 6K is rejected with 400 Bad Request, when maxPduSizeValue is set to 6K.

Workaround: Increase the maxPduSizeValue to 15k.

SBX-770542

An LSWU Upgrade from 7.0 to 7.1 failed.

Platform/Feature: SBC 5000/7000 Series: Application

Impact: While upgrading from pre-7.1 releases to 7.1 and 7.2 releases, if the SNMP trap targets are setup with <space> in the name field then the upgrade fails. This affects all the platforms (SBC 5xxx/7xxx/SWe).

Workaround: Prior to the upgrade, the user must check and delete/replace any trap targets that are setup with <space> in the name.

SBX-86003

1

While UPDATE is pending and a subsequent 18x is received on Egress, the SBC includes SDP in the subsequent 18x on Ingress.

Platform/Feature: SBC Core: SIP Application

Impact: The peer may reject the call.

Workaround: No workaround available.

SBX-860942

Call fail after onhold and offhold.

Platform/Feature: SBC Core: SIP Application


Impact: A call onhold/offhold before being connected by Update may fail.

Workaround: Enable E2E Update.


SBX-858592

A race condition occurs under a 3x load scenario where MRF is configured as FQDN and none of the MRF server responds.

Platform/Feature: SBC: DSBC

Impact: The SCM process may core dump.

Workaround: No workaround available.



Known Issues in 07.02.00R001 Release 

The following issues exist in this release:


Known Issues

Issue IDSevProblem DescriptionImpact/Workaround
SBX-760662

The SBC is discarding media packets when the SBC is monitoring and media packets are received from IPV6 terminated peer.

Platform/Feature: SBC CE: Application

Impact:

The RTP monitoring feature will not work for IPv6 terminated peers, and therefore the following behavior will be observed.

  1. If The SBC is in tone playing state and expecting media cut through after successful monitoring, the SBC will continue the tone play even though the expected RTP packet count is received, which is discarded by the SBC because of this issue.
  2. If the SBC does not have conditions for delayed tone play, is not in tone playing state and is expecting media cut through after successful monitoring, the SBC will discard media packets because of this issue.
  3. If the SBC has conditions for delayed tone play, is not in tone playing state, and is expecting media cut through after successful monitoring, the SBC will discard media packets because of this issue and therefore the delayed tone play starts because of the monitoring failure.

Workaround: no workaround for IPv6, but the same feature works for IPv4.

SBX-850713

The SBC did not like the <4K size INVITE PDU since the maxPduSizeValue = 6K.

Platform/Feature: SBC

Impact: A PDU of a size less than 6K is rejected with 400 Bad Request, when maxPduSizeValue is set to 6K.

Workaround: Increase the maxPduSizeValue to 15k.

SBX-770542

An LSWU Upgrade from 7.0 to 7.1 failed.

Platform/Feature: SBC 5000/7000 Series: Application

Impact: While upgrading from pre-7.1 releases to 7.1 and 7.2 releases, if the SNMP trap targets are setup with <space> in the name field then the upgrade fails. This affects all the platforms (SBC 5xxx/7xxx/SWe).

Workaround: Prior to the upgrade, the user must check and delete/replace any trap targets that are setup with <space> in the name.


Known Issues in 07.02.00R000 Release

The following issues exist in this release:


Known Issues

Issue ID

Sev

Problem Description

Impact/Workaround

SBX-74179


1

Cannot ping the G/W from the V6 interface alternatively when Alt_IP's are configured in X710 NIC card server.

Platform/Feature: SBC CE: Application, Platform

Impact: IPv6 with X710 NIC cards in SRIOV mode will not work as multicast packets will be dropped by the PF.

Workaround:

Set the trust mode to "on" for all the VFs on the computes.

ip link set dev <PF name> VF <vf id> trust on

This needs to be done for all computes and all created VFs (this change is not persistent across reboots). This will allow Multicast promiscous mode to work.

Otherwise, add a static neighbor table entry on the remote servers connecting to the SBC using the following command:

ip -6 neigh add <IPv6 address> lladdr <link-layer address> dev <device>

SBX-73218


 1

The S-SBC is unable to register 1M endpoints with 1000 RPS and is having a 180 second refresh Register with RHEL 7.5, RHOSP 13 (Queens) setup.

Platform/Feature: SBC CE: Application

Impact: Virtual ports intermittently stop responding on compute node running on RHOSP 13 (Queens) under certain conditions. Specifically, at 1000 RPS with refresh registration interval at 180 seconds, virtual ports stop responding after reaching 500K registrations. This issue is not seen when the refresh registration interval is configured as 200 seconds and above

Workaround: Use SR-IOV ports only when using RHOSP 13 (Queens) release.

SBX-73943


2

The SBC does not add all codecs when Update is received with updated SDP from egress and sends 200 OK for Update with all supported codecs towards egress, the SBC is playing tone.

Platform/Feature: SBC Core: Application

Impact: The call signaling and media work properly, but media clipping can occur if the final cut-thru codec received from UAS is different from the codec that is being used for playing tone. 

Workaround: No workaround available.

SBX-74945

 4

Unable to commit pkt and sip-sig config with single commit command. An error message is thrown when the commit command is given.

Platform/Feature: SBC Core: CLI

Impact: Commit cannot be issued in for all set commands until the ipInterfacegroup is committed.

Workaround: Commit should be issued for ipInterfacegroup first and then commit for the remaining set commands can be executed.

SBX-73660


 2

Unable to view TRAPS under Fault Management in Cloud-ISBC (Openstack Nova Platform) in EMS.

Platform/Feature: SBC CE: Application, EMA/EMS

Impact: EMS will not be able to identify the trap since the source IP address is packet interface.

Workaround: Add a static route to EMS from the SBC through management interface.

SBX-725132

Memory congestion was observed when executing around 64K calls in the 32GB SWe system.

Platform/Feature: SBC SWe: SIP-Peering

ImpactOn a SWe system with 32GB 32vCPU, the SBC is only able to scale up to 60K calls instead of 64K, due to per call memory increase.

Workaround: No workaround available.

SBX-713032

Observing 503 response for more time post port SWO in S-SBC.

Platform/Feature: SBC CE: Application

Impact: The load is 1000cps/120K calls. After doing port SWO on S-SBC, SBX rejects calls with a 503 response for 86 seconds. Later SBX again responds with 503 responses for approx 36 seconds. After that, it stabilizes.

Workaround: No workaround available.

SBX-727362

The SBC is not able to handle 150 Sa/Sec IPsec load on the Yellowfin Platform.

Platform/Feature: SBC 5000/7000 Series: SIP

Impact: If the rate for IPsec SA setup using IKE is increased beyond 60 SA/s, errors are seen.

Workaround: No workaround available.

SBX-72652


2

The PSBC observing system is in continuous iRTT congestion during the overload test.

Platform/Feature: SBC CE: Application

Impact: IRTT congestion is observed continuously for the 15 mins duration of 3x overload. There is no congestion during normal 1x load. This is 1000cps/120K in DSBC (PSBC).

Workaround: No workaround available.

SBX-745462

The SBC failed to generate Enum lookup after updating the dynamic metaVariable.

Platform/Feature: SBC CE: Application

Impact: Enum lookup fails to generate if the meta variable related to sipSigPort (used for the Enum lookup) is dynamically updated.

Example:

Before updating sipSigPort with new dynamic metaVariable:

admin@vsbc1% show global servers lwresdProfile

lwresdProfile DEFAULT {

    description          DEFAULT;

    enumDomainNameLabel  DEFAULT_ZONE_LABEL;

    enableLwresdLog      disable;

    type                 signalingIp;

    addressContext       default;

    eDnsGlobalBufferSize 4096;

    eDnsMonitorInterval  120;

    zone                 ZONE_ING_V6;

    sipSigPort           3;

    ipInterfaceGroupName LIG_ING_V6;

}

admin@vsbc1% show addressContext default zone ZONE_ING_V6 sipSigPort

sipSigPort 3 {

    ipInterfaceGroupName      LIG_ING_V6;

    portNumber                5060;

    mode                      inService;

    state                     enabled;

    transportProtocolsAllowed sip-udp,sip-tcp;

    ipVarV6                   IF2.IPV6;

}

[root@VSBCSYSTEM-vsbc1 linuxadmin]# lsof -ni:5060

COMMAND     PID       USER   FD   TYPE  DEVICE SIZE/OFF NODE NAME

CE_2N_Com 32059 sonusadmin  110u  IPv6 3716854      0t0  UDP [fd00:10:6b50:5d20::c9]:sip

CE_2N_Com 32059 sonusadmin  111u  IPv6 3716855      0t0  TCP [fd00:10:6b50:5d20::c9]:sip (LISTEN)

CE_2N_Com 32059 sonusadmin  112u  IPv6 3716856      0t0  UDP [fd00:10:6b50:5d20::a9]:sip

CE_2N_Com 32059 sonusadmin  113u  IPv6 3716857      0t0  TCP [fd00:10:6b50:5d20::a9]:sip (LISTEN) 

ENUM query is successful from sipSigport (fd00:10:6b50:5d20::a9)

After updating sipSigport to new dynamic metaVariable:

admin@vsbc1> show table system metaVariableDynamic

CE NAME              NAME     VALUE                 

-----------------------------------------------------

vsbc1-10.34.195.109  lpl_egg  fd00:10:6b50:5d20::c9 

vsbc1-10.34.195.109  lpl_ing  fd00:10:6b50:5d20::c7 

admin@vsbc1% show addressContext default zone ZONE_ING_V6 sipSigPort

sipSigPort 3 {

    ipInterfaceGroupName      LIG_ING_V6;

    portNumber                5060;

    mode                      inService;

    state                     enabled;

    transportProtocolsAllowed sip-udp,sip-tcp;

    ipVarV6                   lpl_ing;

}

[root@VSBCSYSTEM-vsbc1 linuxadmin]# lsof -ni:5060

COMMAND     PID       USER   FD   TYPE  DEVICE SIZE/OFF NODE NAME

CE_2N_Com 32059 sonusadmin  110u  IPv6 3716854      0t0  UDP [fd00:10:6b50:5d20::c9]:sip

CE_2N_Com 32059 sonusadmin  111u  IPv6 3716855      0t0  TCP [fd00:10:6b50:5d20::c9]:sip (LISTEN)

CE_2N_Com 32059 sonusadmin  112u  IPv6 3716856      0t0  UDP [fd00:10:6b50:5d20::c7]:sip

CE_2N_Com 32059 sonusadmin  113u  IPv6 3716857      0t0  TCP [fd00:10:6b50:5d20::c7]:sip (LISTEN)

ENUM query is not picking new sipSigport (fd00:10:6b50:5d20::c7) updated with dynamic metaVariable


Workaround: Do not update the metavvariable associated with a sipSigPort if Enum is being used.

Example:

Don't update the sipSigport to new metaVariable

admin@vsbc1% show addressContext default zone ZONE_ING_V6 sipSigPort

sipsigPort 3 {

    ipInterfaceGroupName      LIG_ING_V6;

    portNumber                5060;

    mode                      inService;

    state                     enabled;

    transportProtocolsAllowed sip-udp,sip-tcp

    ipVarV6                   IF2.IPV6;

}

SBX-756092

The SBC VM is failing to join back the cluster post switchover after healing (Recreate_destroy) N:1 MSBC VM.

Platform/Feature: SBC CE: Install/Upgrade(Platform)

 Impact: The Ribbon VNF Manager provides functionality to manually heal a VM within an  orchestrated VNF.  There are a number of options for healing provided, including a Recreate_destroy option.  There is an issue if the Recreate_destroy is executed on a VM that has DHCP enabled on its interfaces.  In this case, the VM is provided new IP addresses, causing that VM to be unable to re-join in the cluster.

Workaround: There is no workaround that is not service impacting.  Do not execute the Recreate_destroy option on a VM that has DHCP enabled.

SBX-742692

The IPv6/v4 Interface update with a new dynamic meta Variable is not deleting the old IP address.

Platform/Feature: SBC CE: Application

Impact: The old IP address is not getting deleted when the ipInterfaceGroup is updated with new dynamic meta variable.

Example:

Before updating ipInterfaceGroup with dynamic metaVariable:

admin@vsbc1> show table system metaVariable | match IF2.IPV6

vsbc1-10.34.195.109  IF2.IPV6      fd00:10:6b50:5d20::a9 

admin@vsbc1% show addressContext default ipInterfaceGroup LIG_ING_V6

ipInterface PKT_ING_V6 {

    ceName      SSBCACTIVE;

    portName    pkt0;

    mode        inService;

    state       enabled;

    ipVarV6     IF2.IPV6;

    prefixVarV6 IF2.PrefixV6;

    vlanTagVar  IF2.VlanId;

}

pkt0.609  Link encap:Ethernet  HWaddr fa:16:3e:ee:70:92 

          inet6 addr: fd00:10:6b50:5d20::a9/60 Scope:Global

          inet6 addr: fe80::f816:3eff:feee:7092/64 Scope:Link

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:8954 errors:0 dropped:0 overruns:0 frame:0

          TX packets:9060 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:780288 (762.0 KiB)  TX bytes:902476 (881.3 KiB)                                                          

Creating dynamic metaVariable:

admin@vsbc1> show table system metaVariableDynamic

CE NAME              NAME  VALUE                 

--------------------------------------------------

vsbc1-10.34.195.109  lpl   fd00:10:6b50:5d20::cf 

vsbc1-10.34.195.110  lpl   fd00:10:6b50:5d20::ff 

[ok][2018-11-13 07:11:41]

After updating ipInterfaceGroup with dynamic metaVariable (lpl) old IP (IF2.IPV6) is not deleted from interface

admin@vsbc1% show addressContext default ipInterfaceGroup LIG_ING_V6

ipInterface PKT_ING_V6 {

    ceName      SSBCACTIVE;

    portName    pkt0;

    mode        inService;

    state       enabled;

    ipVarV6     lpl;

    prefixVarV6 IF2.PrefixV6;

    vlanTagVar  IF2.VlanId;

}

pkt0.609  Link encap:Ethernet  HWaddr fa:16:3e:ee:70:92 

          inet6 addr: fd00:10:6b50:5d20::a9/60 Scope:Global

          inet6 addr: fe80::f816:3eff:feee:7092/64 Scope:Link

          inet6 addr: fd00:10:6b50:5d20::cf/128 Scope:Global

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:9093 errors:0 dropped:0 overruns:0 frame:0

          TX packets:9209 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:792396 (773.8 KiB)  TX bytes:917382 (895.8 KiB)


Workaround: To change an addressContext ipInterfaceGroup to use a different ipVarV6 you must delete the ipInterfaceGroup and recreate it.

Example:

Delete the interface group:

 delete addressContext default ipInterfaceGroup LIG_ING_V6

Create interface group with new dynamic metaVariable:

admin@vsbc1% show addressContext default ipInterfaceGroup LIG_ING_V6

ipInterface PKT_ING_V6 {

    ceName      SSBCACTIVE;

    portName    pkt0;

    mode        inService;

    state       enabled;

    ipVarV6     lpl;

    prefixVarV6 IF2.PrefixV6;

    vlanTagVar  IF2.VlanId;

}

pkt0.609  Link encap:Ethernet  HWaddr fa:16:3e:ee:70:92 

          inet6 addr: fd00:10:6b50:5d20::cf/60 Scope:Global

          inet6 addr: fe80::f816:3eff:feee:7092/64 Scope:Link

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:9093 errors:0 dropped:0 overruns:0 frame:0

          TX packets:9209 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:792396 (773.8 KiB)  TX bytes:917382 (895.8 KiB)

 Note: Similar procedure for IPV4.

SBX-758473

The RTCP port is not transparently passed in Direct Media.

Platform/Feature: SBC Core: Application

Impact: In case of a Direct Media call, the SBC will add an RTCP port in the outgoing INVITE SDP, when RTCP is enabled on Egress PSP and the RTCP port was not received in the incoming INVITE SDP.

Workaround: Disable RTCP flag on Egress PSP.

set profiles media packetServiceProfile PSP_DM_DTLS rtcpOptions rtcp disabled


Known Limitations

The following limitations exist in this release:

  • Due to a known EMA GUI issue, it can take up to 10 minutes to process each SMM rule when provisioning SMM on the SBC using the EMA. This will be fixed in a future release.

  • The Access Control List (ACL) is not installed to configure SNMP traps for accepting traffic. A dynamic ACL is added to configure SNMP traps. An ACL must be installed for SNMP traps for accepting traffic.
  • The physical NIC connectivity must be in active state at the hypervisor level before starting the SWe instance on the SBC SWe platforms. In case of SWe instance with SR-IOV interfaces, manual restart of the SWe instance is required if physical NIC connectivity goes down while the instance is in progress.
  • The Antitrombone feature is not supported on the D-SBC.
  • EMS identifies the nodes based on the VNFC-ID. While instantiating SBC/PSX cloud nodes, ensure that you use a unique VNFC-ID only. If you reuse an existing VNFC-ID, EMS treats this as a re-registration request and overwrites the existing data on the cloud node.
  • While configuring the SBC SWe Cloud instances, the CLIs commits successfully even if any metaVariable provided is incorrect. The SBC SWe Cloud instance cannot validate the CLIs, as the CDB configuration file is stored in the SBC Configurator and is shared among all the other SBC SWe Cloud instances in the cluster.
  • Editing IP Interface is not reflected in the if configuration (ifConfig). This behavior is observed only on the S-SBC when action is set to "dryup" mode on the IP Interface. The IP address changes are not updated in the kernel and will not be displayed when ifconfig linux command is executed. In case of S-SBC, if the ipInterface configuration needs to be modified and if the action is set to "dryup" in ipInterface configuration, it must be set to "force" before disabling the ipInterface and making any changes.
  • A LSWU on an SBC 7000 should only be performed when the total number of active calls on the system is below 18,000. If the criteria is not met, a double failure during the upgrade may occur thereby losing all active calls. If such a failure occurs, both active and standby SBC services will go down.  Contact Ribbon Support immediately.

The VLAN tagged SRIOV packet interfaces are unable to ping endpoint Gateway IPs in the VMware platform because of an issue with VMWare.

Performing Heat Stack Update when userdata is Updated with SSH Keys

When upgrading SBC SWe cloud instances to release 7.2, you must update your Heat template userdata section to include mandatory SSH key information. An issue in OpenStack requires that you use the stack-update process rather than re-launch after updating the template, which leads to a new UUID for the instance. As a result, you must regenerate and apply new license bundles to the upgraded instances during the upgrade.

Refer to Upgrading M-SBCs in an N:1 Redundancy Group for the relevant procedure. 

Restricted Functionality with SBC

The following functionalities are not supported with SBC Microservices:

  • SRTP
  • Far end NAT traversal
  • DTMF inter-working
  • RTCP termination for pass-through calls
  • Direct Media and Antitrombone
  • NICE, SIP-REC
  • Rx, Rf interfaces
  • Multimedia - MSRP, BFCP  
  • Fax detection
  • ICE/STUN
  • SIP REFER
  • SIP REPLACE
  • Two stage calls

  • H323 support
  • GW signaling support

Network Licensing Limitations

After switchover during grace period, when the new standby SBC comes up and establishes itself as standby, there is a short period (a few minutes) when the standby is synchronized for normal operation, but the new standby has not yet completed establishing its licensing state using the grace license information. If there is a second SBC switchover during that window, the new active SBC (which became active before completing license state synchronization) will lose calls until it re-acquires the grace licenses.

For configuring Network Wide Licensing, refer to Configuring Network Wide Licensing on D-SBC. This procedure is common for D-SBC and SBC.