- Preface
- Overview of Cisco Unified Border Element (SP Edition) Distributed Model
- Configuring Cisco Unified Border Element (SP Edition) Distributed Model
- DTMF Interworking
- Media Address Pools
- Quality of Service and Bandwidth Management
- H.248 Services - Signaling and Control
- H.248 Packages - Signaling and Control
- ETSI Ia Profile on SBC
- Cisco Unified Border Element (SP Edition) Distributed Model Security
- Topology Hiding
- High Availability Support
- Quality Monitoring and Statistics Gathering
- Contents
- Prerequisites for the Cisco Unified Border Element (SP Edition) Distributed Model
- Restrictions for the Cisco Unified Border Element (SP Edition) Distributed Model
- Configuring the Cisco Unified Border Element (SP Edition) DBE Deployment
- Configuring the H.248 Logging Level
- Configuration Examples
- Cisco H.248 Profile
Configuring the Cisco Unified Border Element
(SP Edition) Distributed Model
This chapter describes fundamental configuration tasks required for typical data border element (DBE) deployment of the Cisco Unified Border Element (SP Edition). The Cisco ASR 1000 Series Aggregation Services Router serves as the DBE. The DBE operates with a Signaling Border Element (SBE), also called a media gateway controller (MGC).
For a complete description of the commands used in this chapter, see Cisco Unified Border Element (SP Edition) Command Reference: Distributed Model at:
http://www.cisco.com/en/US/docs/ios/sbc/command/reference/sbc_book.html.
Cisco Unified Border Element (SP Edition) was formerly known as the integrated session border controller. It is commonly referred to as the session border controller (SBC) in this document.
Contents
This chapter provides information about the following topics:
•Prerequisites for the Cisco Unified Border Element (SP Edition) Distributed Model
•Restrictions for the Cisco Unified Border Element (SP Edition) Distributed Model
•Configuring the Cisco Unified Border Element (SP Edition) DBE Deployment
•Configuring the H.248 Logging Level
Prerequisites for the Cisco Unified Border Element (SP Edition) Distributed Model
When running SBC with 500 or more active calls, ensure you configure the huge buffer size to 65535 bytes with the buffer huge size 65535 command. The increased buffer size is required because by default Cisco IOS software sets the "huge" buffer size to be 18084 bytes, which is not large enough for H.248 audit responses when there are more than 500 active calls.
Note For information on the number of active calls that can be reported or audited with a huge buffer of 65535 bytes, see the "Number of Active Calls That Can Be Audited" section.
Restrictions for the Cisco Unified Border Element (SP Edition) Distributed Model
The following are not supported by the SBC function on the Cisco ASR 1000 Series Routers:
•Signaling Border Element (SBE) function and SBE CLIs
•Digital signal processing (DSP)
•Network management system (NMS) configuration
•Transcoding
•SBC virtual interface does not support any existing Cisco IOS features
Note When a VRF is removed from an SBC interface that is in use by an activated SBC, the IP addresses are not removed automatically by the SBC. The user has to manually remove the IP addresses when the SBC is deactivated.
Configuring the Cisco Unified Border Element (SP Edition) DBE Deployment
This section contains steps to configure a typical DBE on the Cisco ASR 1000 Series Routers.
Prerequisites
When running SBC with 500 or more active calls, configure the huge buffer size to 65535 bytes with the buffer huge size 65535 command to ensure the buffer is large enough for H.248 audit responses.
SUMMARY STEPS
1. enable
2. configure terminal
3. interface sbc {interface-number}
4. ip address ip-address
5. exit
6. sbc {sbc-name} dbe
7. vdbe [global]
8. h248-version version
9. h248-napt-package [napt | ntr]
10. local-port {port-num}
11. control-address h248 ipv4 {A.B.C.D}
12. controller h248 {controller-index}
13. remote-address ipv4 {A.B.C.D}
14. remote-port {port-num}
15. transport {udp | tcp} [interim-auth-header]
16. exit
17. attach-controllers
18. exit
19. location-id {location-id}
20. media-address ipv4 {A.B.C.D}
21. exit
22. activate
23. end
DETAILED STEPS
Examples
The DBE does not always attach or detach from its controller immediately. You can use the show sbc dbe controllers command to display status information on whether the controller is attached or detached.
The following example uses the show sbc dbe controllers command to display status information showing that the VDBE with a location ID of 1 on an SBC called "mySbc" is attached to its controller:
Router# show sbc mySbc dbe controllers
SBC Service "mySbc"
vDBE in DBE location 1
Media gateway controller in use:
H.248 controller address
210.229.108.252:2944
Status: Attached
Sent Received Failed Retried
Requests 1 6 0 0
Replies 6 1 0 0
Configured controllers:
H.248 controller 1:
Remote address: 210.229.108.252:2944 (using default port)
Transport: UDP
Troubleshooting Tips
The following are troubleshooting tips that may be helpful after you get your SBC into production.
"Bad getbuffer" Log Message
You run over 500 active calls on your DBE deployment and you receive the following log message:
*Feb 11 11:35:52.909: %SYS-2-GETBUF: Bad getbuffer, bytes= 34506
-Process= "SBC main process", ipl= 0, pid= 183
-Traceback= 70EDFC 747354 9942D0 AFC6E4 B01AC4 29637B0 2960FCC 24C7F04 24C7918 24C7AD0 24D97AC 24D8790 2987C70
*Feb 11 11:35:52.909: %SBC-2-MSG-0303-0046: (sckrecv2.c 991)
Socket write error.
Sockets error code = 255
Socket ID = 0
*Feb 11 11:35:52.909: %SBC-2-MSG-0303-0025: (sckis.c 112)
General sockets layer error detected.
Sockets error code = 255
*Feb 11 11:35:52.909: %SBC-2-MSG-2E01-0014: (gctpfsm.c 730)
An association with a peer has become disconnected.
Peer's address = 200.10.255.252
Peer's port = 2944
Reason code = 0X04
Change your huge buffer size to 65535 bytes. This is the recommended huge buffer size for deployment of more than 500 active calls due to the need for increased buffer size for H.248 audit responses.
Number of Active Calls That Can Be Audited
The number of active calls that can be reported or audited with a huge buffer of 65535 bytes depends on the following:
•The number of calls that can be audited depends on the details of the pinholes because these affect the size of the audit records.
•Using UDP as your H.248 transport may limit auditable calls. You can remove this limitation by using the Segmentation Package and configuring the huge buffer size to be equal to or greater than the segmentation PDU size.
What to Do Next
See the "Configuring the H.248 Logging Level" section if you want to set console logging other than default logging and turn on H.248 logging messages.
See Chapter 4 "Media Address Pools," for information on what to configure next on the DBE.
See the "In-Service Provisioning of H.248 Controllers" section for information on configuring a new controller or making changes to a controller.
Configuring the H.248 Logging Level
This section contains steps to configure a sample configuration where console logging for H.248 messages sent and received is turned on and the H.248 protocol message filter is enabled to display only the H.248 text without any internal message logs.
SUMMARY STEPS
1. enable
2. configure terminal
3. sbc {sbc-name} dbe
4. vdbe [global]
5. h248-version version
6. h248-napt-package [napt | ntr]
7. local-port {port-num}
8. control-address h248 ipv4 {A.B.C.D}
9. logging level [value]
10. logging filter control protocol (Optional)
11. controller h248 {controller-index}
12. remote-address ipv4 {A.B.C.D}
13. remote-port {port-num}
14. exit
15. attach-controllers
16. exit
17. end
DETAILED STEPS
Enabling the H.248 Logging Requests and Responses
Because the default logging level of 63 is set on by default, you can use the logging level command to enable other logging levels. In particular, logging level 30 generates logs showing H.248 requests sent and responses received. The logging level command sets the severity logging level on the DBE and limits logging messages displayed on the console to messages for that specified level and above. For example a specified logging level of 30 would display log messages from logging levels 30, 40, 50, 60, 70, 80, and 90. The lower the logging level, the more syslog bandwidth is taken up.
You may want to consider the Cisco IOS console rate limiting configuration when you set your SBC logging level. Setting the SBC logging level to a level below the default of 63 can cause a substantial volume of messages to be generated. These messages are subject to standard Cisco IOS console rate limiting behavior, where warning and lower-level messages can be rate limited. Therefore, these messages and other messages may be dropped from the console output. However, they are still recorded in the logging buffer, which you can examine. Refer to the logging rate-limit command in the document titled Cisco IOS Configuration Fundamentals and Network Management Command Reference for more information.
Note Some messages may be displayed on the standby Route Processor (RP) because some of the components remain in the active stage on the standby RP and may produce those messages.
SBC debug commands that set the logging level and the H.248 protocol message filter, such as debug sbc log-level and debug sbc filter, can be enabled at the same time.
The logging level command works with SBC and Cisco IOS debug commands as follows:
•If logging and logging level are enabled by the logging level command, logging can only be disabled by the logging level command. The undebug all and no debug sbc log-level commands have no effect.
•If logging and logging level are enabled by a debug command, logging can be disabled by the undebug all and no debug sbc log-level commands.
•If two different logging levels are set by both a debug command and the logging level command, the lower logging level is applied.
•If the same level is set using both the logging level command and a debug command,—to turn off logging for that level, you must disable logging using both the logging level command and the debug command.
Example
The following example shows a sample log output produced on an H.248 ADD request with logging level set to 30:
*Sep 10 06:38:39.039: %SBC-7-MSG-2E01-0092: SBC/MG-CTRL: (gctarecv.c
1397) Application has completed processing a transaction asynchronously
Transaction ID = 3
Transaction type = 0X01
*Sep 10 06:38:49.539: %SBC-7-MSG-2E01-0050: SBC/MG-CTRL: (gctphash.c
701) A hash table has been resized.
The previous size of the hash table was 1024 entries.
The new size of the hash table is 512 entries.
Configuration Examples
This section provides the following configuration examples:
•Configuring an SBC DBE Deployment
•Configuring the Primary IP and Primary Media IP Addresses
•Configuring the Secondary IP and Secondary Media IP Addresses
Configuring an SBC DBE Deployment
The following steps list the tasks you need to do to configure an SBC DBE deployment on the Cisco ASR 1000 Series Routers:
1. Create an SBC virtual interface.
2. Configure IP addresses on the SBC virtual interface.
3. Create the DBE service on the SBC.
4. Configure the default VDBE.
5. Take the default use-any-local-port command behavior.
6. Configure the DBE to use a local H.248 control address to connect to the SBE.
7. Configure the H.248 controller for the DBE.
8. Configure the remote address of the H.248 controller for the SBE.
9. Attach the DBE to an H.248 controller.
10. Configure a location ID for the DBE.
11. Add an IPv4 address so it can be used by the DBE as a local media address.
12. Initiate the DBE service of the SBC.
The following is a sample configuration representing the ordered tasks used to configure an SBC DBE deployed on the Cisco ASR 1000 Series Routers:
interface sbc 1
ip address 1.1.1.1 255.0.0.0
sbc mySbc dbe
vdbe global
control-address h248 ipv4 210.229.108.254
controller h248 1
remote-address ipv4 210.229.108.252
attach-controllers
location-id 1
media-address ipv4 1.1.1.1
activate
Configuring the Primary IP and Primary Media IP Addresses
The following example shows the running configuration where the primary IP address and primary media IP addresses have been configured:
sbc mySbc dbe
vdbe global
use-any-local-port
control-address h248 ipv4 210.229.108.254
controller h248 1
remote-address ipv4 210.229.108.252
attach-controllers
activate
location-id 1
media-address ipv4 1.1.1.1 <== primary local media IP address added using primary IP addr
interface sbc 1
ip address 1.1.1.1 255.0.0.0 <=== primary IP address was configured on SBC interface
Configuring the Secondary IP and Secondary Media IP Addresses
The following example shows the running configuration where a secondary IP address and secondary media IP address are configured after the primary IP address and primary media address have been configured:
sbc mySbc dbe
vdbe global
use-any-local-port
control-address h248 ipv4 210.229.108.254
controller h248 1
remote-address ipv4 210.229.108.252
attach-controllers
activate
location-id 1
media-address ipv4 1.1.1.1
media-address ipv4 25.25.25.25 <=== secondary media IP addr added using secondary IP addr
interface sbc 1
ip address 25.25.25.25 255.0.0.0 secondary <= secondary IP addr configured on SBC interf.
ip address 1.1.1.1 255.0.0.0
Cisco H.248 Profile
H.248 profiles define option values, sets of packages, naming conventions, and other details for an entire set of applications. The SBC DBE deployment for the Cisco ASR 1000 Series Routers currently supports only one profile, SBC_GateControl. The SBC_GateControl profile, a Cisco internal profile based on ITU-T Recommendation H.248.1 Version 2, defines functionality between the DBE and the MGC.
Overview of Profile
The profile connection model supports the following:
•Maximum number of contexts: Provisioned
•Maximum number of terminations per context: 68
•Allowed terminations type combinations: (IP,IP)
Table 2-1 shows the context attributes and values that are supported by the profile.
The termination ID structure is provisioned in the MGC. The MGC is at liberty to choose any termination naming structure. The DBE can accept 3 to 9 fields in the termination ID structure.
The following H.248 subseries transports are supported by the profile:
•Supported transports: TCP or UDP
•Segmentation supported: UDP: Optional
Use of the Interim Authentication Header defined in H.248.1v2 is optional within this profile.
Profile Packages
This section specifies the packages that are supported in this profile. Mandatory packages are packages that are supported in the profile. Optional packages are packages that may be supported in the profile.
Table 2-2 shows the mandatory packages supported by the Cisco profile.
Table 2-3 shows the optional packages supported by the Cisco profile.