To learn more about the various methods of controlling transport protocols for SIP signaling and how these work together, refer to Controlling SBC Core Transport Protocols for SIP Signaling.


In this section:


Overview

Use this object to configure SIP signaling ports for a specified zone. For additional routing details, refer to Routing Mechanisms page.

A SIP Signaling Port is a logical address permanently bound to a specific zone and is used to send and receive SIP call signaling packets. A SIP Signaling Port is capable of multiple transports such as UDP, SCTP, TCP and TLS/TCP.

SBC Core supports up to 16 SIP Signaling Ports per zone. These SIP Signaling Ports can use the same IP address, but each must have its own unique UDP/TCP port. In the example below, three SIP Signaling Ports are created using the same IP address but each with a unique UPD port.

  • SIP Signaling Port 1: 100.110.120.130 port 5060 
  • SIP Signaling Port 2: 100.110.120.130 port 5070
  • SIP Signaling Port 3: 100.110.120.130 port 5080

A SIP Signaling Port can contain an IPv4 address, an IPv6 address or both. However, all SIP Signaling Ports within a particular zone must use the same address types as shown in below examples.

Example 1:

  • SIP signaling port 1 - IPv4 address
  • SIP signaling port 2 - IPv4 address

Example 2:

  • SIP signaling port 1 - IPv6 address
  • SIP signaling port 2 - IPv6 address

Example 3:

  • SIP signaling port 1 - IPv4 / IPv6 addresses
  • SIP signaling port 2 - IPv4 / IPv6 addresses

A SIP Signaling Port must reference one IP Interface Group signifying that signaling associated with that port is restricted to IP Interfaces in that group. Only reference IP Interface Groups within the same Address Context.


Note

The  SBC 7000 system supports creating IP Interface Groups containing sets of IP interfaces that are not "processor friendly" (i.e. carried on physical Ethernet ports served by separate processors). However, restrictions exist regarding the usage of such Interface Groups.

(This ability does not apply to the SBC 5400 system which have only two physical media ports. IP interfaces from the two physical ports may be configured within the same IP Interface Groups without restrictions.)

For complete details, refer to Configuring IP Interface Groups and Interfaces.


Note
Ribbon recommends using the highest TLS version supported by both the SBC and the peer equipment.


Note

If a zone's sipSigPort is configured for transportProtocolsAllowedsip-tls-tcp, the SBC increments the configured portNumber by 1 and uses it as the new port number for SIP over TLS signaling. The SBC then opens a TCP socket for SIP over TLS for the new TCP port number.

Example: When sipSigPort is configured with a portNumber of 5060 and transportProtocolsAllowed = sip-tls-tcp, the SBC listens on TCP port 5061 for SIP over TLS.


Command Syntax

SBC 7000/SWe Syntax

% set addressContext <name> zone <name> sipSigPort <index #>
	action <dryup | force>
	dryUpTimeout <1-1440 mins>
	dscpValue <0-63>
	enforceAORMatch <disabled | enabled>
	facState <disabled | system>
    ipAddressV4 <IPv4 address>
	ipAddressV6 <IPv6 address>
	ipInterfaceGroupName <name>
	maskIpAddressforRcb <disabled | enabled>
	maskPortforRcb <disabled | enabled>
	mode <inService | outOfService>
	portNumber <1-65535>
	recorder <disabled | enabled>
	sctpProfileName <name>
	siprec <disabled | enabled>
    sipTcpConnectionAgingState <disabled | enabled>
	state <disabled | enabled>
	tcpConnectTimeout <0-180>
	tcpKeepaliveInterval <60-120 seconds>
	tcpKeepaliveProbes <1-10>
	tcpKeepaliveTime <60-7200 seconds>
	tcpUserTimeout < 0 | 10-3600 seconds >	
	tlsProfileName <name>
	transportProtocolsAllowed <sip-sctp | sip-tcp | sip-tls-tcp | sip-udp | sip-ws-tcp | sip-wss-tls>

S-SBC Syntax

% set addressContext <name> zone <name> sipSigPort <index #>
	action <dryup | force>
	dryUpTimeout <1-1440 mins>
	dscpValue <0-63>
	enforceAORMatch <disabled | enabled>
	facState <disabled | system>
    ipInterfaceGroupName <name>
	ipPublicVarV4 <metadata>
    ipPublicVarV6 <metadata>
    ipVarV4 <metadata>
    ipVarV6 <metadata>
	maskIpAddressforRcb <disabled | enabled>
	maskPortforRcb <disabled | enabled>
	mode <inService | outOfService>
	portNumber <1-65535>
	recorder <disabled | enabled>
	sctpProfileName <name>
	siprec <disabled | enabled>
    sipTcpConnectionAgingState <disabled | enabled>
	state <disabled | enabled>
	tcpConnectTimeout <0-180>
	tcpKeepaliveInterval <60-120 seconds>
	tcpKeepaliveProbes <1-10>
	tcpKeepaliveTime <60-7200 seconds>
	tcpUserTimeout < 0 | 10-3600 seconds >	
	tlsProfileName <name>
	transportProtocolsAllowed <sip-sctp | sip-tcp | sip-tls-tcp | sip-udp | sip-ws-tcp | sip-wss-tls>
Note:

Make sure when configuring sipSigPort and dsbcSigPort for an S-SBC deployment that you specify different IP addresses for them. To do so you must select different metavariables for each of them. The actual values of the metavariables are determined during orchestration based on your Heat templates.

Command Parameters

Key

M = Mandatory

O = Optional

Zone SIP Signaling Port Parameters

Zone SIP Signaling Port Parameters

ParameterLength/RangeDescription
<index #>1-4096

The Sip Signaling Port for this zone.

M
actionN/A

Use this object to specify a clearing action when the SIP Signaling Port goes out-of-service (OOS). Calls can be forcefully cleared or allowed to dry up in out-of-service mode.

  • dryup – SBC starts the dryUpTimeout timer indicating the time in minutes the calls are allowed to complete. Once the timer expires, ongoing calls are torn down gracefully.
  • force (default) – Ongoing calls on the given signaling port are cleared immediately.

NOTE: If a SIP signaling port is put out of service when action = dryup, always let the dryUpTimeout timer expire before putting the SIP signaling port back into service. Otherwise, the SIP signaling port may not come up properly.

O
dryUpTimeout1-1440

Use this parameter to specify the duration (in minutes) during which existing calls are allowed to complete in out-of-service mode. (range: 1-1440 / default = 60)

When action = dryup and sipSigPort goes OOS, the SBC starts a dry-up timer for the configured duration to allow existing calls to complete in OOS mode. The SBC exhibits the following behavior when the dry-up mode is enabled:

  • Calls: All in-dialog messages are allowed, new INVITE messages are rejected with 503.
  • Registrations: All refresh REGISTER and de-REGISTER messages are allowed, new REGISTER messages are rejected with 503.
  • Out-Of-Dialog (OOD) relay messages: All new OOD messages are rejected with 503. However, in-dialog messages with-in REFER and SUBSCRIBE dialogs are allowed.

Once the dryUpTimout timer expires, the SBC tears down ongoing calls and all ongoing SIP Registrations and non-call related dialogs are cleared internally. The SIP Signaling Port is then moved to OOS state whereby SIP messages are no longer admitted.

NOTE: This parameter is only visible when action = dryup.

NOTE:  This parameter is configurable irrespective of the setting of the SIP Signaling Port state.

O
dscpValue
0-63DSCP value for packets from this SIP Signaling Port. (default = 0).O
enforceAORMatchN/A

Enable this flag to enforce AOR matching for messages from registered users.

  • disabled (default)
  • enabled
O

facState

N/A

Use this flag to control whether the fault avalanche control state uses the global level setting.

  • disabled - The system does not check for blocking or dropped packets that this signaling port received.
  • system (default) - The signaling port inherits the global level setting.

ipAddressV4N/A

IPv4 address for this SIP signaling port in dotted decimal format (for example 128.127.50.224).

NOTE: For S-SBC configurations, this parameter is replaced with the parameters in the S-SBC Parameter Differences table below.

O
ipAddressV6N/A

IPv6 address for this SIP signaling port in hexadecimal/colon format. (for example, 1280:1276:3350:2224:2222:3333:8888:1245 or fd00:21:445:128::7880).

NOTE: For S-SBC configurations, this parameter is replaced with the parameters in the S-SBC Parameter Differences table below.

O
ipInterfaceGroupName1-23 charactersThe name of the IP Interface Group used by this signaling port.M

maskIpAddressforRcb

N/A

Use this flag to fetch the RCB value for a user using only the source port and not the source IP address for generating the hashKey.

  • disabled (default)
  • enabled

NOTE: The flag maskPortforRcb must be disabled to use this flag. Both flags cannot be enabled at the same time.

O

maskPortforRcb

N/A

Use this flag to fetch the RCB value for a user using only the source IP address and not the source port for generating hashKey

  • disabled (default)
  • enabled

NOTE: The flag maskIpAddressforRcb must be disabled to use this flag. Both flags cannot be enabled at the same time.

O
mode  N/A

Operational mode for this SIP Signaling Port.

  • inService (default)
  • outOfService
O
 portNumber 1-65535

UDP/TCP port number of SIP Signaling Port (default = 5060).

If transportProtocolsAllowed is “sip-udp”, ensure that portNumber value is outside the configured system-wide mediaPortRange unless portNumber = default value “5060”. If portNumber is set to a number other than “5060”, the user is prompted to continue with the configuration.

For example, if media port range is 5000-6000, portNumber should be configured starting with 6002 (6001 cannot be used as its used for RTCP by default).

To view mediaPortRange values, use the command:

> show configuration details system media mediaPortRange

O
recorder N/A

Enable flag to indicate the port is being used for recording.

  • disabled (default)
  • enabled
O

sctpProfileName

1-23 charactersSCTP profile name.O
siprec  N/A

Administrative state of the SIP Signaling Recorder Port. Enable flag to use the port for recording using SIPREC Protocol.

  • disabled (default)
  • enabled

NOTE: The SIPREC feature is controlled by a system-wide SBC license (SBC-SIPREC). If the license is not available, any SIPREC recording returned by a PSX is ignored.

NOTE: When the siprec flag is enabled, ensure the recorder flag is disabled.

O

sipTcpConnectionAgingState

N/A
Enable flag to retain the present behavior. Connections are added to the TCP aging list and are closed if they are idle for more than an hour. When disabled, TCP connections are not added to the aging list and are maintained even if they are idle for more than an hour. Connections will live until intentionally closed or keepalive failures kick in.
  • disabled
  • enabled (default)
O
state  N/AAdministrative state of the SIP Signaling Port.
  • disabled (default)
  • enabled
O
tcpConnectTimeout  0-180

The maximum time (in seconds) the SBC waits for an outbound connection to complete. (default = 5).

NOTE: This application level configuration has NO impact on any IP layer re-transmission of SYN.

O
tcpKeepaliveInterval60-120

The number of seconds between TCP Keep-alive probes (default = 60).

O
tcpKeepaliveProbes1-10

The maximum number of TCP Keep-alive probes to send until SBC decides that the connection is broken (default = 2).

O
tcpKeepaliveTime60-7200

The number of seconds a TCP connection remains idle before TCP Keep-alive probes are sent out. A value of "0" disables this parameter (default = 0).

NOTE: Always configure tcpKeepaliveTime with a higher value than tcpKeepaliveInterval.

O
tcpUserTimeoutN/A

Maximum number of seconds that transmitted data remains unacknowledged before TCP forcibly closes the corresponding connection.
Enter a value of 0 (use system default) or value in the range 10-3600.


O
tlsProfileName N/ATLS Profile name used by this Signaling Port.O
transportProtocolsAllowedN/A

Transport protocols allowed on this signaling port.

  • sip-sctp
  • sip-tcp 
  • sip-tls-tcp 
  • sip-udp (default)
  • sip-ws-tcp
  • sip-wss-tls

NOTE: The SBC only supports UDP towards the recording server.

O
Note

If recorder is enabled, the SBC does not handle the following requests. To overcome this, configure a separate SIP Signaling Port towards the recording server (with recorder enabled).

  • OPTIONS
  • NOTIFY
  • SUBSCRIBE
  • MESSAGE
  • PUBLISH
  • INFO
  • REFER
  • REGISTER

S-SBC Parameter Differences

For S-SBC configurations, the following parameters are used in lieu of ipAddressV4 and ipAddressV6 parameters listed in the above table.

S-SBC Parameter Differences

ParameterLength/RangeDescription
ipPublicVarV41-255 charactersThe name of the metaVariable used to fetch a public/floating IPv4 address for this SIP signaling port.O
ipPublicVarV61-255 charactersThe name of the metaVariable used to fetch a public/floating IPv6 address for this SIP signaling port.O
ipVarV41-255 charactersThe name of the metaVariable used to fetch a IPv4 address for this SIP signaling port.O
ipVarV61-255 charactersThe name of the metaVariable used to fetch a IPv6 address for this SIP signaling port.O

Command Examples

To set SBC tcpKeepaliveTime to 90 seconds, tcpKeepaliveInterval to 60 seconds and tcpKeepaliveProbes count to 2:

set addressContext default zone ZONE_SIPART_AS sipSigPort 2 tcpKeepaliveTime 90 tcpKeepaliveInterval 60 tcpKeepaliveProbes 2
commit
 
show details addressContext default zone ZONE_SIPART_AS sipSigPort 2
ipInterfaceGroupName      LIG2;
ipAddressV4               10.11.12.13;
portNumber                5060;
mode                      inService;
state                     enabled;
recorder                  disabled;
siprec                    disabled;
tcpConnectTimeout         5;
dscpValue                 0;
tlsProfileName            defaultTlsProfile;
transportProtocolsAllowed sip-tcp;
sctpProfileName           defaultSctpProfile;
tcpKeepaliveTime          90;
tcpKeepaliveInterval      60;
tcpKeepaliveProbes        2;


To create a S-SBC SIP Signaling Port for a particular zone:

set system ntp timeZone vsbcSystem zone asia-Kolkata
commit
set addressContext default dnsGroup SWeDNS
commit
set addressContext default dnsGroup SWeDNS server SWeDNS ipAddress fd00:10:6b50:45c0::b4 priority 0 state enabled
commit
set addressContext default dnsGroup SWeDNS type ip interface S_IMS_SIG_V6
commit
set addressContext default zone INTERNAL id 3 sipSigPort 1 ipInterfaceGroupName S_VBIZ_V4 ipVarV4 IF6.IPV4 portNumber 5060 transportProtocolsAllowed sip-udp,sip-tcp state enabled mode inService
commit
set addressContext default zone EXTERNAL id 4 sipSigPort 2 ipInterfaceGroupName S_IMS_SIG_V6 ipVarV6 IF2.IPV6 portNumber 5060 transportProtocolsAllowed sip-udp,sip-tcp state enabled mode inService
commit
set addressContext default zone INTERNAL id 3 sipSigPort 3 ipInterfaceGroupName S_CDMA_V4 ipVarV4 IF5.IPV4 portNumber 5060 transportProtocolsAllowed sip-udp,sip-tcp state enabled mode inService
commit
set addressContext default zone INTERNAL sipTrunkGroup INGRESS_TG mode inService state enabled media mediaIpInterfaceGroupName M_VBIZ_V4
commit
set addressContext default zone INTERNAL sipTrunkGroup INGRESS_TG ingressIpPrefix 0.0.0.0 0
commit
set addressContext default zone EXTERNAL sipTrunkGroup EGRESS_TG mode inService state enabled media mediaIpInterfaceGroupName M_IMS_SIG_V6
commit
set addressContext default zone INTERNAL sipTrunkGroup EGRESS_TGV4 mode inService state enabled media mediaIpInterfaceGroupName M_CDMA_V4
commit
set addressContext default zone EXTERNAL sipTrunkGroup EGRESS_TG ingressIpPrefix :: 0
commit


To set tcpUserTimeout:

set addressContext default zone defaultSigZone sipSigPort 1 tcpUserTimeout 0
commit

  • No labels