In this section:
A profile allows you to create a specific set of characteristics different from the standard
To achieve efficient device failover to the backup/secondary Application Server, the
These ARS profiles can be assigned to the services section of a SIP trunk group to enforce the blacklisting and recovery of any SIP peer(s) associated with the trunk group. If no recovery algorithm is specified when configuring a SIP ARS profile, the recovery algorithm default values are used as indicated below:
recoveryAlgProbeDuration: 1 second
recoveryAlgProbeInterval: 1 second
recoveryAlgProbeMethod: sip-options
recoveryAlgProbeNumResponses: 1
recoveryAlgTimerDuration: 1 second
recoveryAlgorithm: probe
Refer to the following pages for configuration details:
The
Refer to the following pages for configuration details:
The Cause Map Profile, SIP-to-CPC and CPC-to-SIP mappings provide customized tables on the
The
The following IPSP configurations are added to PSX under SIP Cause Mapping section to specify the Cause Code Mapping profile name.
The PSX returns the Cause Code profile name in the POL responses. The
The
If a policy response contains a profile name and a locally configured profile uses the same name, the
If a policy response does not contain a profile name or if the profile name does not match with any local profile, the
The
Refer to the following pages for configuration details:
This object creates and configures an Emergency Call Profile for SIP calls used to host emergency call criteria. The emergency call classification methods are:
Refer to the following pages for configuration details:
JIP handling is only supported when using an external PSX in the network.
The Jurisdiction Information Parameter (JIP) is a 6-digit field (NPA-NXX format) in an ISUP IAM message used to indicate the geographic location of the originating caller or switch. This information may be used in billing.
The SBC supports sending JIP information in SIP-SIP, SIP-SIP-I and SIP-I to SIP scenarios. This capability is enabled/disabled through the SIP Jurisdiction Support option (sipJurisdictionSupport
flag) set in the SIP trunk group, and specific processing details are controlled through the SIP JIP profile assigned to the trunk group.
When SIP Jurisdiction support is enabled, options in the SIP JIP profile assigned to the ingress SIP trunk group specify where to extract the SIP JIP value from in an incoming SIP INVITE message. The SBC can take the JIP value from the following parameters:
rn
parameter in the PAI headerjip
parameter in the PAI headerrn
parameter in the From headerjip
parameter in the P-DCS-Billing-Info headerNote that if a SIP JIP profile enables more than one possible source parameter, the SBC prioritizes them in the order shown above.
The SBC sends the JIP value it extracts to the external PSX. Based on its configuration, the PSX determines what JIP value should be sent out and returns this value to the SBC.
In the outgoing message, the SBC sends the JIP it received from the PSX in the parameter specified in the SIP JIP profile assigned to the egress SIP trunk group. The parameter options are the same as the source choices:
rn
parameter in the PAI headerjip
parameter in the PAI headerrn
parameter in the From headerjip
parameter in the P-DCS-Billing-Info headerFor cases when the JIP value is sent in a P-DCS-Billing-Info header, the SIP trunk group also includes a parameter (feidForPDCS
) in which you can specify a Financial-Entity-ID (FEID) to be sent out in the egress PDCS-Billing-Info header. An FEID consists of hexadecimal string of up to 16 characters followed by a domain name.
The SBC records JIP-related details in the Call Detail Record.
Refer to the following pages for configuration details:
The Online Certificate Status Protocol (OCSP) enables
When a peer sends certificates, an OCSP client (e.g. SIPFE) issues a status request to an OCSP responder and suspends acceptance of the certificates in question until the responder provides a response. The OCSP client needs the address/URL of the OCSP responder, the certificate to be checked, and the certificate issuer’s certificate. The OCSP URL can be FQDN or IPv4 address plus port number.
The
The
The
The user may create up to four OCSP profiles per system, each specifying the OCSP capabilities and protocol parameters applying to one or more TLS connections that use the profile (a SIP/TLS connection may reference an OCSP profile in its assigned TLS profile). The OCSP profile is referenced by the existing TLS profile.
The configured default responder may point to the certificate authority (CA) that issued the certificate in question, a Trusted Responder whose public key is trusted by the
When configuring an OCSP profile, be aware that you may delete a given OCSP profile when it is not referenced by any TLS connections.
When OCSP is enabled for a TLS connection, every individual certificate in the chain presented by the peer device during the establishment of the connection is validated against an OCSP responder for its revocation status.
When the
Linux DNS client functionality is required for OpenSSL OCSP API to translate a FQDN to an IPv4 address. To populate the file with DNS server addresses, use following CLI commands.
% set addressContext default dnsGroup d1 type mgmt server dns1 ipAddress 10.11.12.13 state enabled % set addressContext default dnsGroup d1 type mgmt server dns2 ipAddress 10.11.12.15 state enabled
Existing DNS CLIs add dynamic ACLs for the configured DNS servers.
Refer to the following pages for command details:
The SIP Security Profile feature defines the type and behavior of security mechanism to apply to the
Refer to the following pages for command details:
The Transparency Profile is the recommended method of configuring transparency on the SBC Core for new deployments as well as when applying additional transparency configurations to existing deployments. Do not use IP Signaling Profile flags in these scenarios because the flags will be retired in upcoming releases.
Refer to the SBC SIP Transparency Implementation Guide for additional information.
The
Headers are also configurable in compact form, and may be transparently passed by configuring a Transparency Profile. It is advisable to configure both compact and long formats to ensure both types of received headers in the PDU are transparently passed.
If a header is not in the transparency configurable, existing “Unknown Header Transparency” and explicit header transparency flag semantics shall apply.
This feature allows you to add previously “unknown” headers to the TP making them “semi-known” to the system, as well as add “known” headers thus eliminating the need for IP Signaling Profile (IPSP) transparency control flags for those headers. An "unknown" header is defined as a header that, if present in an incoming SIP message, is parsed as a generic “unknown” header, but is treated as a “known” header with respect to transparency by allowing individual transparency control towards it.
This dynamic transparency capability applies to SIP-SIP, SIP-GW and GW-SIP scenarios. GW-GW is supported only between the same GW versions.
If you configure a Contact header in the Transparency Profile, it is treated as full contact header transparency.
Support for known headers (with or without IPSP transparency flags) is available for INVITE, REGISTER and OOD messages. Support for selective unknown header transparency is available for INVITE, REGISTER messages.
The following message body headers cannot be used when configuring a Transparency Profile:
The
Do not enable "unknownHeader" flag if using this feature.
Refer to the following pages for command details: