CHAPTER 19-1 Cisco Unified Border Element (SP Edition) Configuration Guide: Unified Model OL-19820-15 19 SDP Handling Cisco Unified Border Element (SP Edition) by default passes through all a= lines in SIP messages containing SDP offers and answers that it forwards. You can also configure Cisco Unified Border Element (SP Edition) to block certain a= lines, either by specifying a whitelist (a finite set of a=lines that are passed through, with all others blocked), or alternatively a blacklist (a finite set of a=lines that are blocked, with all others passed through). Additionally, user exits in the Cisco Unified Border Element (SP Edition) code base allow customers to write their own code to insert and/or strip one or more media-level a= lines when processing an offer on an answer. The SIP-I Support feature enables Cisco Unified Border Element (SP Edition) to pass through the ISDN User Part (ISUP) parameters in Session Initiation Protocol (SIP) messages that are added by a SIP or Public Switched Telephone Network (PSTN) interworking gateway. The SIP Non-SDP Body Filtering feature adds support for Cisco Unified Border Element (SP Edition) to process non-SDP bodies, and in particular the ISUP body using SIP-I. Cisco Unified Border Element (SP Edition) was formerly known as Integrated Session Border Controller and may be commonly referred to in this document as the session border controller (SBC). For a complete description of the commands used in this chapter, refer to the Cisco Unified Border Element (SP Edition) Command Reference: Unified Model at: http://www.cisco.com/en/US/docs/ios/sbc/command/reference/sbcu_book.html. For information about all Cisco IOS commands, use the Command Lookup Tool at http://tools.cisco.com/Support/CLILookup or a Cisco IOS master commands list. Feature History for SDP Handling Release Modification Cisco IOS XE Release 2.4 The SIP SDP Attribute Passthrough feature was introduced on the Cisco IOS XR. Cisco IOS XE Release 2.6 The SIP-I Support and SIP Non-SDP Body Filtering features were introduced on the Cisco ASR 1000 Series Aggregation Services Routers. Cisco IOS XE Release 3.1S Repeat SDP on 200 Invite Response feature was added.
Transcript
Cisco Unified Border ElemOL-19820-15
C H A P T E R 19
SDP Handling
Cisco Unified Border Element (SP Edition) by default passes through all a= lines in SIP messages containing SDP offers and answers that it forwards. You can also configure Cisco Unified Border Element (SP Edition) to block certain a= lines, either by specifying a whitelist (a finite set of a=lines that are passed through, with all others blocked), or alternatively a blacklist (a finite set of a=lines that are blocked, with all others passed through). Additionally, user exits in the Cisco Unified Border Element (SP Edition) code base allow customers to write their own code to insert and/or strip one or more media-level a= lines when processing an offer on an answer.
The SIP-I Support feature enables Cisco Unified Border Element (SP Edition) to pass through the ISDN User Part (ISUP) parameters in Session Initiation Protocol (SIP) messages that are added by a SIP or Public Switched Telephone Network (PSTN) interworking gateway.
The SIP Non-SDP Body Filtering feature adds support for Cisco Unified Border Element (SP Edition) to process non-SDP bodies, and in particular the ISUP body using SIP-I.
Cisco Unified Border Element (SP Edition) was formerly known as Integrated Session Border Controller and may be commonly referred to in this document as the session border controller (SBC).
For a complete description of the commands used in this chapter, refer to the Cisco Unified Border Element (SP Edition) Command Reference: Unified Model at:
For information about all Cisco IOS commands, use the Command Lookup Tool at http://tools.cisco.com/Support/CLILookup or a Cisco IOS master commands list.
Feature History for SDP Handling
Release Modification
Cisco IOS XE Release 2.4
The SIP SDP Attribute Passthrough feature was introduced on the Cisco IOS XR.
Cisco IOS XE Release 2.6
The SIP-I Support and SIP Non-SDP Body Filtering features were introduced on the Cisco ASR 1000 Series Aggregation Services Routers.
Cisco IOS XE Release 3.1S
Repeat SDP on 200 Invite Response feature was added.
19-1ent (SP Edition) Configuration Guide: Unified Model
At the point where the policy is applied, a (rate-limited) warning log is issued if the policy attempts to delete one of these lines.
Information about SIP SDP Attribute PassthroughAdditional per-call storage is needed to store the SDP policy that is being applied. This is expected to be ~160 bytes per call.
Information About Repeat SDP on 200 Invite Response To support interoperation with endpoints that may require an agreed Session Description Protocol (SDP) to be resent for 200 INVITE responses, the user can configure SBC to repeat an agreed SDP, in a 200 INVITE response, when needed, after the successful provisioning of an offer-answer exchange.
This option is configured in the CAC policy for SIP calls. The default is off.
The agreed SDP answer is the SDP answer from the latest completed SDP offer/answer exchange procedure.
When Repeat SDP on 200 Invite Response is configured, the call flow is as shown in the following three figures.
19-3Cisco Unified Border Element (SP Edition) Configuration Guide: Unified Model
Figure 19-3 shows the call flow for no SDP on the final response.
Figure 19-3 Call Flow for No SDP on Final Response
See the ?$paranum>Configuring Repeat SDP on 200 INVITE Response? section on page 19-14 for the configuration procedure.
See the ?$paranum>Example of Repeat SDP on 200 INVITE Response Configuration? section on page 19-16 for and example configuration.
Configuring SIP SDP Attribute PassthroughThis section contains the steps for implementing SIP SDP Attribute Passthrough.
Note The caller and callee commands have been used in this procedure. In some scenarios, the branch command can be used as an alternative to the caller and callee command pair. The branch command has been introduced in Release 3.5.0. See the ?$paranum>Configuring Directed Nonlimiting CAC Policies? section on page 7-37 for information about this command.
2791
42
INVITE(SDP offer)
PRACK
ACK
INVITE(SDP offer)
183 Session Progress 100 rel(SDP answer)
200 OK(no SDP)
CalleeCaller SBC
183 Session Progress 100 rel(SDP answer)
200 OK(SDP answer)
PRACK
ACK
200 PRACK
200 PRACK
19-6Cisco Unified Border Element (SP Edition) Configuration Guide: Unified Model
Configures the table type of a CAC table within the context of an SBE policy set.
list of limit tables can be one of the following values:
• account—Compare the name of the account.
• adj-group—Compare the name of the adjacency group.
• adjacency—Compare the name of the adjacency.
• all—No comparison type. All events match this type.
• call-priority—Compare with call priority.
• category—Compare the number analysis assigned category.
• dst-account—Compare the name of the destination account.
• dst-adj-group—Compare the name of the destination adjacency group.
• dst-adjacency—Compare the name of the destination adjacency.
• dst-prefix—Compare the beginning of the dialed digit string.
• event-type—Compare with CAC policy event types.
• src-account—Compare the name of the source account.
• src-adj-group—Compare the name of the source adjacency group.
• src-adjacency—Compare the name of the source adjacency.
• src-prefix—Compare the beginning of the calling number string.
Features can be enabled or disabled per adjacency group through CAC configuration the same way this is done per individual adjacencies. The adj-group table type matches on either source or destination adjacency group.
Configures the match-value of an entry in a CAC Limit table. It is only relevant for Limit table types.
The key argument is a string or a keyword based on the table type. The format of the key is determined by the Limit table type (for example, Limit event-type tables or Limit call-priority tables).
For Limit event-type tables (table-type limit event-type), the match value string options are the following:
• call-update—Compare the beginning of the calling number string.
• endpoint-reg—Compare the name of the destination adjacency.
• new-call—Compare the beginning of the dialed digit string.
For Limit call-priority tables (table-type limit call-priority), the match value string options are the following:
• critical—Match calls with resource priority 'critical'.
• flash—Match calls with resource priority 'flash'.
• flash-override—Match calls with resource priority 'flash-override'.
• immediate—Match calls with resource priority 'immediate'.
• priority—Match calls with resource priority 'priority'.
• routine—Match calls with resource priority 'routine'.
For all other Limit tables, enter a name or digit string
WORD—Name or digit string to match. (Max Size 255).
Example of SIP SDP Attribute PassthroughThis section provides a sample configuration and output for SIP SDP Attribute Passthrough.
Note The caller and callee commands have been used in this procedure. In some scenarios, the branch command can be used as an alternative to the caller and callee command pair. The branch command has been introduced in Release 3.5.0. See the ?$paranum>Configuring Directed Nonlimiting CAC Policies? section on page 7-37 for information about this command.
Configures SBC to repeat an agreed Session Description Protocol (SDP), in a 200 INVITE response, after the successful provisioning of an offer-answer exchange when needed.
Step 9 end
Example:Router(config-sbc-sbe-cacpolicy-cactable-entry)# end
Exits configuration mode and returns to privileged EXEC mode.
Command or Action Purpose
19-15Cisco Unified Border Element (SP Edition) Configuration Guide: Unified Model
This section provides a sample configuration and output for SIP SDP Attribute Passthrough.
Router(config-sbc-sbe)# do show sbc interwork sbe cac-policy-set 1 table 1 entry 1SBC Service "interwork"Policy set 1 table 1 entry 1 Match value sipp1 Action CAC policy complete Max calls Unlimited Max call rate Unlimited Max in-call rate Unlimited Max out-call rate Unlimited Max registrations Unlimited Max reg. rate Unlimited Max bandwidth Unlimited Max channels Unlimited Transcoder Allowed Caller privacy setting Never hide Callee privacy setting Never hide Early media Allowed Early media direction Both Early media timeout 0 Restrict codecs to list default Restrict caller codecs to list default Restrict callee codecs to list default Media bypass Allowed SRTP Transport Not Set Callee hold setting Standard Caller hold setting Standard Number of calls rejected by this entry 0 Caller inbound SDP policy policytab1 Caller outbound SDP policy policytab1 Callee inbound SDP policy policytab2 Callee outbound SDP policy policytab2
Example of Repeat SDP on 200 INVITE Response ConfigurationThe following example shows how to configure SBC to send a repeat SDP on 200 INVITE responses.
• Examples—SIP Non-SDP Body Filtering and SIP-I Support, page 19-22
PrerequisitesThe following prerequisite is required to implement SIP Non-SDP Body Filtering and SIP-I Support:
Before implementing SIP Non-SDP Body Filtering and SIP-I Support, Cisco Unified Border Element (SP Edition) must already be configured. See the procedures described in Chapter 3, ?$paratext>.?
Restrictions for SIP Non-SDP Body Filtering and SIP-I Support The following restrictions and limitations apply to SIP Non-SDP Body Filtering and SIP-I Support:
• If dual tone multifrequency (DTMF) interworking is enabled for a call, the INFO messages containing a DTMF digit may not pass through.
• The SBC does not support Secure Multipurpose Internet Mail Extensions (S/MIME) encryption or decryption. While the SBC may allow encrypted bodies to pass through, it does not modify them.
• In compliance with Section 8.2.1.1 of RFC 3398, the SBC does not support a From header without a username.
• The total size of the MIME bodies and associated header allowed to pass through is limited to approximately 1000 bytes. The final size allowed depends on the structure of the headers and MIME bodies and should not exceed 2000 bytes.
• The SBC may not preserve the original order of MIME bodies and may insert the SDP as the first body part.
• This feature does not work in conjunction with H.323.
• Since the SBC considers BYE requests on a hop-by-hop basis, it does not pass any information using a BYE response it received.
• The SBC allows the user=phone URI parameter on the Request-URI to pass through.
• The SBC may alter the MIME boundary of a message.
19-17Cisco Unified Border Element (SP Edition) Configuration Guide: Unified Model
OL-19820-15
Chapter 19 SDP Handling SIP-I Support and SIP Non-SDP Body Filtering
Information about SIP Non-SDP Body Filtering and SIP-I SupportThe following sections provide information about the SIP Non-SDP Body Filtering feature and the SIP-I Support feature.
SIP Non-SDP Body Filtering
The SIP Non-SDP Body Filtering feature adds support for Cisco Unified Border Element (SP Edition) to process non-SDP bodies, and in particular the ISUP body using SIP-I. The SBC can pass through, strip out, or reject non-SDP bodies. The message body of a SIP message is described using header fields such as Content-Disposition, Content-Encoding, and Content-Type, which provide information about the body. SBC uses a body profile that you create and associate to filter non-SDP bodies from incoming and outgoing SIP messages, based on the Content-Type header field. A body profile allows a message containing a specific non-SDP body to take one of the following actions:
• To be passed (without altering the message)
• To be stripped of the body (and pass the rest of the message)
• To be rejected
• SBC uses the ‘handling’ parameter in the message to decide whether to strip the body or reject the message.
Like any other SIP profile, such as a method profile, you need to first create a body profile. Then you can associate the body profile to cause the body profile to take action on incoming and outgoing SIP messages that fall under the SBE mode, or adjacency mode, or method profile mode.
You can create a body profile:
• Using the sip body-profile {profile_name} command under the SBE mode.
The body command and action (body) command are used in conjunction with the sip body-profile command. The body command names a body type or content header type for a non-SDP message body. The action (body) command sets the action to take on a body type in a SIP body profile.
After creating a body profile, you can associate the body profile at the following levels and configuration modes:
• At the SIP signaling entity level (ingress or egress), under SBE mode, using the sip default body-profile [[inbound | outbound] {profile_name}] command. The body profile is associated for the entire signaling instance (that is all messages, either ingress or egress, passing through the SBC.)
• At the SIP adjacency level, under SIP adjacency mode, using the body-profile [[inbound | outbound] {profile_name}] command. The body profile is associated to an adjacency.
• At the SIP method profile level, under method profile mode, using the body-profile {profile_name} command. The body profile is associated to a method profile.
SIP-I Support
The SIP-I Support feature enables Cisco Unified Border Element (SP Edition) to pass through the ISDN User Part (ISUP) parameters in Session Initiation Protocol (SIP) messages that are added by a SIP or Public Switched Telephone Network (PSTN) interworking gateway. ISUP is a call control protocol used in SS7 networks primarily for setting up and tearing down telephone calls and for maintenance of the network.
19-18Cisco Unified Border Element (SP Edition) Configuration Guide: Unified Model
OL-19820-15
Chapter 19 SDP Handling SIP-I Support and SIP Non-SDP Body Filtering
SIP-I is an approach defined by ITU-T Q.1912.5. SIP-I provides an approach for interworking SIP networks and the traditional, circuit-based ISDN User Part (ISUP) networks. SIP-I provides a method for passing through ISUP-specific header parameters through a SIP network so that calls that originate and terminate on the circuit-based ISUP network can cross a SIP network with no loss of information.
SIP-I allows transparent passthrough of ISUP parameters through a SIP network by attaching a copy of the ISUP message to the SIP message at the incoming PSTN gateway. The ISUP message appears as a non-SDP message body on the SIP message. SIP-I has a mechanism to indicate the presence of ISUP (based on Content-Type header) and if the ISUP is mandatory or can be passed through, depending on the Content-Disposition header. The SBC passes through the ISUP message body without coding or decoding the ISUP message.
The mapping between SIP and ISUP protocols is carried out by the Media Gateway Controller (MGC). In the SBC, the ISUP parameters can be carried in the SIP Request-Uniform Resource Identifier (URI) or the SIP message body.
Cisco Unified Border Element (SP Edition) supports the following SIP-I and profile functions:
• Application or SDP is processed on INVITE, UPDATE, and PRACK requests and their responses.
• Application or DTMF-info is processed on INFO to allow DTMF tones to pass through.
• The NOTIFY messages on message or SIP-frag is analyzed to find out whether it indicates that a subscription or refer dialog is to be terminated.
Non-SDP Message Body Example
The following is an example of a non-SDP message body; the SIP message body is not shown in detail for brevity’s sake. The non-SDP body present in the example is of type “application/resource-lists+xml”:
19-19Cisco Unified Border Element (SP Edition) Configuration Guide: Unified Model
OL-19820-15
Chapter 19 SDP Handling SIP-I Support and SIP Non-SDP Body Filtering
Implementing SIP Non-SDP Body FilteringThe follow steps describe a sample configuration where a body profile is created with a particular body type and action to take on that body type and then the body profile is associated at the SIP signaling level.
Creates a body profile to filter non-SDP bodies from incoming and outgoing SIP messages. Enters SBE SIP Body configuration mode.
19-20Cisco Unified Border Element (SP Edition) Configuration Guide: Unified Model
OL-19820-15
Chapter 19 SDP Handling SIP-I Support and SIP Non-SDP Body Filtering
Step 5 body {WORD}
Example:Router(config-sbc-sbe-sip-body)# body application/ISUP
This command describes the body type or content header type for SBC to act on messages with the specified body type or content header type. Enters SBE SIP Body Element configuration mode.
The body name must be in the form of <media-type>/<media-sub-type>, for example, application/ISUP. The body name field is case-insensitive.
Asterisk (*) is used to match all non-SDP body types. Note that * is also interpreted as a string by the CLI, and is just a token used to indicate wild-card match.
The following Content-Type descriptions are not allowed: application/sdp and multipart/mixed
In the example, the command describes the body type that is to act on messages with Content-Type header “application/ISUP.”
Sets the action to take on a body type in a SIP body profile for a non-SDP message body.
• pass—Instructs the SBC to pass through the body type of the non-SDP message body.
• nopass—Uses the handling parameter in the message to determine whether to strip the body or reject the entire message with error code 415 (Unsupported media type).
• strip—Strips the body and passes the rest of the message.
• reject—Rejects the entire message with an error code.
Step 7 exit
Example:Router(config-sbc-sbe-sip-body-ele)# exit
Exits SBE SIP Body Element configuration mode.
Step 8 exit
Example:Router(config-sbc-sbe-sip-body)# exit
Exits SBE SIP Body configuration and enters SBE configuration mode.
Associates the body profile at the SIP signaling level, for the entire signaling instance (that is all messages, either ingress or egress, passing through the SBC).
Command or Action Purpose
19-21Cisco Unified Border Element (SP Edition) Configuration Guide: Unified Model
OL-19820-15
Chapter 19 SDP Handling SIP-I Support and SIP Non-SDP Body Filtering
Examples—SIP Non-SDP Body Filtering and SIP-I SupportThe following is a configuration example of SIP Non-SDP Body Filtering:
sbc foo sbe sip body-profile profile1 body application/ISUP action strip body application/QSIG action reject hunt-on-reject body *
![[MS-SDP]: Session Description Protocol (SDP) Extensions€¦ · Session Description Protocol (SDP) Extensions Intellectual Property Rights Notice for Open Specifications Documentation](https://static.documents.pub/doc/80x56/5f06cab47e708231d419c159/ms-sdp-session-description-protocol-sdp-extensions-session-description-protocol.jpg)
