Friday, April 29, 2016

Oracle SBC 7.3 - setup for Access SBC in home lab

Oracle SBC 7.3 - setup for Access SBC in home lab


Oracle SBC 7.3 - setup for Access SBC in home lab

Home lab has 10Gb network from PC to ESXi of 192.168.70.0/24 using SPF+ DAC
PC and ESXi both have 1Gb nics that go to switch using 192.168.10.0/24

192.168.10.5 is PC with xlite soft phone
192.168.10.235 is my asterisk box (vm guest)
192.168.70.236 is my 2012 R2 server for logs, snmp, and traps using 10Gb pc to esxi (vm guest)

SBC is also vm guest. Was tricky setting up the interfaces. You must have them all setup correctly before you power on the SBC guest image THE FIRST TIME!!
make sure they are on correct interface, like example: vmnetwork1 for media interfaces and 10GbToPC for the wancomm interfaces
make sure they are using correct type e1000 as the sbc has driver for that one. You may have to remove some interfaces and add new ones.
make sure they are all set to power on at start

192.168.70.50 for wancomm on pc to esxi 10Gb using 10GbToPC e1000 (vm guest)
192.168.10.60 for network-interface on s0p0 using vmnetwork1 e1000 (vm guest)
192.168.10.70 for network-interface on s0p1 using vmnetwork1 e1000 (vm guest)
192.168.10.65 for sip-interface access - VIRTUAL INTERFACE IN SBC SETUP DURING CONFIG BELOW
192.168.10.75 for sip-interface core - VIRTUAL INTERFACE IN SBC SETUP DURING CONFIG BELOW

Using s0p0 for access and s0p1 for core side to asterisk

I will anchor media on the 10.65 and 10.75 interfaces also

all my snmp and trap community names are: mysbc

Preferred order of setup is:
setup product
setup entitlements
bootparam
redundancy //if needed
timezone
ntp-sync
system-config
phy-interface
network-interface
media-manager
realms
sip-config
sip-interface
//used nat-traversal always
//used registration-caching enabled
steering-pools
local-policy //if needed
session-agents //if needed
session-groups //if needed
header manipulations //if needed


session-agent is assigned in local policy
so we create one called asterisk on core realm with asterisk IP
no reason to have sa on access side unless you support customers with PBX
as sip trunk and phone/mta is a peering usage



//begin the setup now

prompt-enabled enabled

setup product

setup entitlements

save
activate

conf t
bootparam

reboot

You should now be able to ping wancomm and ssh to SBC

prompt-enabled enabled
save
activate

conf t
ntp-sync
select
add-server 198.211.106.151
done
exit
exit

show timezone
if no timezone yet do

timezone-set

show ntp server
save
activate

/system-config is a must and setup syslog server if needed (log-filter all-fork if using syslog server)
conf t
system
system-con
select
hostname mysbc
description mysbc
location "Gilbert AZ"
mib-system-contact "Glen Whittenberg"
mib-system-name mysbc
mib-system-location "Gilbert AZ"
snmp-enabled enabled
enable-snmp-auth-traps enabled
enable-snmp-syslog-notify enabled
enable-snmp-monitor-traps enabled
enable-env-monitor-traps enabled
enable-mblk_tracking enabled
snmp-syslog-his-table-length 1
snmp-syslog-level WARNING
syslog-server
address 192.168.70.236
port 514
facility 4
done
exit
system-log-level WARNING
process-log-level NOTICE
process-log-ip-address 192.168.70.236
process-log-port 2500
log-filter all-fork
default-gateway your ip here if needed
done
exit
exit
exit
save
activate


//snmp-community if needed

conf t
system
snmp-community
ip-addresses 192.168.70.236
community-name mysbc
access-mode READ-WRITE
done
exit
exit
exit
save
activate

//trap-receiver if needed

conf t
system
trap-receiver
ip-address 192.168.70.236
filter-level All
community-name mysbc
done
exit
exit
exit
save
activate-con

//account-server for radius if needed for CDRs
conf t
session-router
account-config
select
account-servers
hostname 192.168.70.236
port 1813
state enabled
secret mysbc
done
exit
done
exit
exit
exit
save
activate-con


//Enable CDR on SBC if needed and use ftp push if needed

conf t
session-router
account-config
select
hostname localhost
state enabled
file-output enabled
ftp-push enabled
cdr-output-redundancy disabled
generate-start OK
generate-interim Reinvite-Response
prevent-duplicate-attrs enabled
cdr-output-inclusive enabled
done
exit
exit
exit
save
activate-con

//push-reciever for cdr to ftp server

conf t
session-router
account-config
select
push-receiver
server 192.168.70.236
remote-path /
username ftpuser
password ftpuser
admin-state enabled
done
exit
done
exit
exit
exit
save
activate-con






//setup interfaces

interface-mapping
show

Interface Mapping Info
-------------------------------------------
Eth-IF  MAC-Addr                Label
wancom0 00:50:56:86:BF:70       #generic
wancom1 00:50:56:86:E0:FC       #generic
wancom2 00:50:56:86:70:66       #generic
spare   00:50:56:86:51:35       #generic
s0p0    00:50:56:86:3A:BD       #generic
s1p0    00:50:56:86:F0:63       #generic
s0p1    00:50:56:86:C1:EC       #generic
s1p1    00:50:56:86:97:01       #generic
s0p2    FF:FF:FF:FF:FF:FF       #dummy
s1p2    FF:FF:FF:FF:FF:FF       #dummy
s0p3    FF:FF:FF:FF:FF:FF       #dummy
s1p3    FF:FF:FF:FF:FF:FF       #dummy

exit
show interfaces brief

Slt Prt Vlan Interface  IP                     Gateway                 Adm  Oper
Num Num   ID Name       Address                Address                 Stat Stat
--- --- ---- ---------- ---------------------- ----------------------- ---- ----
  -   -    - lo         127.0.0.1/8            -                        up   up
  -   -    - wancom0    192.168.70.50/24       -                        up   up
--------------------------------------------------------------------------------


//phy-interface

conf t
system
phy-interface
name access
operation-type Media
slot 0
port 0
done
name core
operation-type Media
slot 0
port 1
done
exit
exit
exit
save
activate


//network-interface

conf t
system
network-interface
name access
description "access side"
ip-address 192.168.10.160
netmask 255.255.255.0
gateway 192.168.10.1
signaling-mtu 1500
add-hip-ip 192.168.10.160
add-ftp-ip 192.168.10.160
add-icmp-ip 192.168.10.160
add-ssh-ip 192.168.10.160
done
name core
description "core side"
ip-address 192.168.10.170
netmask 255.255.255.0
gateway 192.168.10.1
signaling-mtu 1500
add-hip-ip 192.168.10.170
add-ftp-ip 192.168.10.170
add-icmp-ip 192.168.10.170
add-ssh-ip 192.168.10.170
done
exit
exit
exit
save
activate

show interfaces brief

Slt Prt Vlan Interface  IP                     Gateway                 Adm  Oper
Num Num   ID Name       Address                Address                 Stat Stat
--- --- ---- ---------- ---------------------- ----------------------- ---- ----
  -   -    - lo         127.0.0.1/8            -                        up   up
  -   -    - wancom0    192.168.70.50/24       -                        up   up
  0   0    0 access     192.168.10.60/24       192.168.10.1             up   up
  0   1    0 core       192.168.10.70/24       192.168.10.1             up   up
--------------------------------------------------------------------------------



//media-manager

conf t
media-manager
realm-config
network-interfaces access
identifier access
description "access realm"
done
network-interfaces core
identifier core
description "core realm"
done
exit
exit
exit
save
activate

//media-manager-config for audio latching purpose
conf t
media-manager
media-manager
state enabled
latching enabled
done
exit
exit
exit
save
activate


//sip-config

conf t
session-router
sip-config
select
state enabled
operation-mode dialog
dialog-transparency enabled
home-realm-id access
egress-realm-id core
nat-mode Public
registrar-domain *
registrar-host *
registrar-port 5060
done
exit
exit
exit
save
activate


//sip interfaces

conf t
session-router
sip-interface
state enabled
realm-id access
nat-traversal always
registration-caching enabled
sip-ports
address 192.168.10.165
port 5060
transport-protocol UDP
allow-anonymous all
done
exit
done
exit
exit
exit
save
activate

conf t
session-router
sip-interface
state enabled
realm-id core
nat-traversal always
registration-caching enabled
sip-ports
address 192.168.10.175
port 5060
transport-protocol UDP
allow-anonymous all
done
exit
done
exit
exit
exit
save
activate


//sreering-pool

conf t
media-manager
steering-pool
realm-id access
ip-address 192.168.10.165
start-port 10000
end-port 30000
done
realm-id core
ip-address 192.168.10.175
start-port 10000
end-port 30000
done
exit
exit
exit
save
activate


//local-policy

conf t
session-router
local-policy
source-realm core
description "core local policy"
from-address *
to-address *
source-realm core
state enabled
policy-attribute
next-hop 192.168.10.235
realm core
state enabled
app-protocol SIP
done
exit
done
exit
exit
exit
save
activate

conf t
session-router
local-policy
source-realm access
description "access local policy"
from-address *
to-address *
source-realm access
state enabled
policy-attribute
next-hop 192.168.10.235
realm core
state enabled
app-protocol SIP
done
exit
done
exit
exit
exit
save
activate


Now setup your phones pointing to asterisk 192.168.10.235 with using 192.168.10.65 as proxy
Make calls and look at sip logs on asterisk and sbc. we have true b2b with media anchoring.

Remember you could have created a session-agent and used that for next hop in core local-policy


Posted by at 1 comment:
Subscribe to: Posts (Atom)