Contenu connexe Similaire à Sangoma SBC Training Presentation (20) Plus de Empatiq İletişim Teknolojileri AŞ. (8) Sangoma SBC Training Presentation1. Sangoma Session Border Controllers:
Support Training
Presentation
Aykut SAGLAM
aykut.saglam@empatiq.com
Sangoma Turkey Distributor
2. Contents Part 1
• Why Session Border Controllers?
• Product Portfolio of the Session Border Controller
• Business Applications and Use Cases (Vega ESBC)
• Carrier/Service Provider Applications and Use Cases
(NetBorder SBC)
• Sangoma SBC Load Balancing and Failover Techniques
• SBC Walkthrough
© 2014 Sangoma Technologies 2
3. Contents Part 2
• Conceptual Overview of the SBC Call Processing Components
• Introduction and Configuration of SIP Profiles
• Introduction and Configuration of Domain Profiles
• Introduction and Configuration of Media Profiles
• Introduction and Configuration of SIP Trunks
• Introduction and Configuration of Call Routing
• Walkthrough
• Questions
© 2014 Sangoma Technologies 3
5. Problems Found in VoIP without an SBC
• Firewalls need to be traversed for end-to-end VoIP telephony
– SIP protocol does not work through NAT functions in firewalls
• Without SBCs
– Forward SIP/RTP ports on firewalls
• Opens up security issues
– Set-up VPNs
• Costly to manage/bandwidth limitations/subscriber mgmt.
– Firewall Application Layer Gateways (ALG)
• OK, brings other limitations for other SIP issues
© 2014 Sangoma Technologies 5
6. SIP Interoperability Challenges
• SIP RFC3261
– Largest RFC
– Not a tight specification like ITU specs for instance
– Uses “Should”,“Can”,“May”,“Option” many many
times
– It is a recommendation, not a hard rule, lots of
room for interpretation
• Result
– Everyone is compliant to RFC3261
– But hard time to interop!
• For end to end VoIP Interworking, SBCs come
to the rescue by ‘fixing’ these differences
© 2014 Sangoma Technologies 6
7. Additional Interop Challenges
• It’s not just SIP signaling
• Media can also need fixing for end to end communications to become possible:
– Codecs mismatch
– Fax T.38/Inband Fax
– RFC2833/INFO/Inband DTMF Methods
– RTP and SRTP
• IPV6 vs IPV4
• UDP vs. TCP (example with MS Lync)
• TLS/SRTP interop with SIP/RTP
• Firewalls cannot address these – do not have DSPs to process media
© 2014 Sangoma Technologies 7
8. Security Issues
• Connectivity to other IP Networks introduces security
issues
– Denial of Service (DoS) attacks
– Toll Fraud by manipulating media
– Topology hiding (SIP vias, hops, etc.)
• Firewalls cannot act on all these security issues unless it
is SIP aware (SIP ALG)
– Some firewall vendors offer SIP ALGs, but it is not enough
© 2014 Sangoma Technologies 8
9. What is an SBC and Why have one?
• SBCs are installed at the edge of VoIP Networks to facilitate
end to end VoIP transmission without compromising network
security
• Essential for several reasons:
– New security issues introduced with SIP protocol
– Fix interoperability issues
• SBC are typically implemented as Back to Back User Agents
(B2BUA)
– All SIP and media (voice) traffic transit through SBCs
© 2014 Sangoma Technologies 9
10. B2BUA Explained
• A back to back user agent (B2BUA) is a logical network
element in the Session Initiation Protocol (SIP)
applications
• It operates between two endpoints in a communication
session and divides the communication channel into two
different call legs
• It mediates SIP signaling between both ends of the call
• B2BUAs are often implemented within media gateways
© 2014 Sangoma Technologies 10
11. B2BUA Explained
• SIP
Normalization
• Security
• Transcoding
• CDRs
• RTCP QoS
report
• Call Access
Control
• Management
• GUI / config
• DSP resources
• Etc.
© 2013 Sangoma Technologies 11
Eth pipe
SIP
port
RTP
ports
SIP
port
RTP
ports
Eth pipe
SIP
Media
SIP
Media
SBC
Because the SBC ‘sees’ all SIP and RTP
traffic coming from both sides, it can
analyze, fix, control, etc.
12. Where are the User Agents (UA)?
SIP UA SIP UA
• SIP
Normalization
• Security
• Transcoding
• CDRs
• RTCP QoS
report
• Call Access
Control
• Management
• GUI / config
• DSP resources
• Etc.
Eth pipe
SIP
port
RTP
ports
SIP
port
RTP
ports
Eth pipe
SIP
Media
SIP
Media
SBC
They are back to back!
© 2013 Sangoma Technologies 12
14. Vega Enterprise SBC
• Appliance
– 25-250 Sessions
– H/W DSP acceleration
– 1U/2 x 1 GE ports
• Software Version
– 25-500 Sessions/Self-Contained ISO
– VM requirements
• 1 Core/1 GB RAM/Bridged
• Software/Hybrid Version – UNIQUE
– 25-500 Sessions/Self-Contained ISO
– VM requirements
• 1 Core/1 GB RAM/Bridged
– H/W DSP acceleration
D150
© 2014 Sangoma Technologies 14
15. NetBorder Carrier SBC
• Appliance
– 250-4000 Sessions
– H/W DSP acceleration
– 1U/2 x 1 GE ports
– RAID 1
© 2014 Sangoma Technologies 15
16. Product Highlights – All SBCs
• Ease of Use
– WebGUI configuration, operation, backup and restore, REST API
– Simplified licensing, field upgradable, all features one SKU
• Session Policy and Media
– Advanced WebGUI or XML header manipulation, upper registration
– NAT traversal, call forking
• Security
– DDOS attack protection, advanced firewall for signaling and data
• Advanced Call Routing
– Advanced WebGUI or XML dialplan, database routing, load balancing
• Troubleshooting
– PCAP signaling and media capture on the SBC, email notifications
• Redundancy/HA
– Active - Active or Active - Standby
© 2014 Sangoma Technologies 16
17. Ease of Use
• WebGUI configuration, operation, backup and restore
– Golden master configuration used to configure multiple SBCs
• REST API
– Integrate Sangoma SBC into a business process
– Programmatic SIP trunk and user configuration
• Simplified licensing, field upgradable
– All features one SKU. No feature limitations.
– Transcoding, SRTP, voice quality features all included
– Sessions are software upgradable from 20 to 250 sessions
• Email Notifications
– Notifications on error conditions, failures, security or capacity
© 2014 Sangoma Technologies 17
18. Session Policy
• Advanced Header Manipulation
– GUI or XML based manipulation of any SIP header on any SIP packet. INVITE, 180,183,200, etc…
• Upper Registration – Remote Users
– Pass-through registration with in and/or out of dialog support
– Advanced call flow scenarios to support remote users
• NAT Traversal
– Auto IP detection
• Call Forking
– Multiple outgoing dialogs per call
• First 200 Ok receives the call, rest of the calls get hung-up
• Support for busy, unregistered or inactive user agents
• Unlimited SIP Interfaces
• Unlimited SIP Trunking
• SIP and Media Transports
– TCP, UDP, TLS, RTP, SRTP
© 2014 Sangoma Technologies 18
19. Media and Networking
• Hardware Media Processing
– Sangoma SBCs use hardware network DSPs to process RTP
– Low latency media pass through
– High capacity any to any transcoding and encryption
– Voice quality enhancements
• Echo cancellation, noise reduction, auto gain control
• Networking
– Single IP address for signaling and media
– Separated signaling and media planes
– VLAN and ethernet bonding
© 2014 Sangoma Technologies 19
20. Security
• Signaling Security
– Adaptive and time based firewall blocking based on SIP flood attacks
• Malformed packet, registration storms, invite floods, authentication errors
– SIP scanner detection and blocking
– Rule based detection and blocking
• Using standards based rules and known exploits and blacklists
• Media Security
– RTP media port pin hole based on active session
• RTP ports are only opened when session is active
– RTP port overload detection. In case of RTP flood attack on a specific port.
• Data Firewall
– Advanced state full data firewall
– Port forwarding and NAT
• DDOS
– Adaptive and time based firewall blocking based on IP flood attacks
– Detection of known IP sniffers and DDOS attack generators
© 2014 Sangoma Technologies 20
21. Advanced Call Routing (‘Softswitch’)
• Advanced GUI or XML Dialplan
– Route calls based on any sip header or DID or IP
– Nested dialplan support with advanced regex matching
• Database Routing
– Routing based on remote database lookup using HTTP/HTTPS
– Routing based on ODBC database connection
– Mongo DB support
• Load Balancing
– Weighed or round robin load balancing between multiple SIP interfaces within a domain
• Least Cost Routing
– Support for local LCR database. GUI LCR Import/export.
• DNS/SRV Routing
• DHCP Options
© 2014 Sangoma Technologies 21
22. Troubleshooting
• GUI Error Reporting and Notification
– GUI dashboard with time based graphing
– System, session, capacity errors
– Error message counts
• PCAP Tracing
– Ability to trace both signaling and media on the SBC. Self contained No need to use external port mirrors or hub
– Decode PCAP files using Wireshark
– Huge disk space to store large circular PCAP buffer for long term debugging
• RTCP Search
– Search for calls with bad RTCP thresholds. Email notifications on each bad RTCP call.
• SSH and CLI Console
– Ability to perform real time log analysis and tracing on the console
– Multiple screen support
• Logging
– Extensive logging per call tagged using UUID
– Remote syslog support
• Hardware Crash Protection
– Automatic reboot on system lockup or HW fault
© 2014 Sangoma Technologies 22
24. Enterprise SIP Trunking
Vega eSBC
Direct Deployment on Public IP address
© 2014 Sangoma Technologies 24
DMZ Deployment
ITSP
SIP SIP
IP-PBX
IP
SIP
Vega eSBC
ITSP
SIP SIP
IP-PBX
IP
SIP
25. Secure Access Control for Remote Users
or Telecommuters
Vega eSBC
© 2014 Sangoma Technologies 25
ITSP
SIP SIP
IP-PBX
IP
SIP
External
FW/NAT
Internal
FW
Home Office,
Mobile Users,
Telecommuters
SIP
Vega eSBC:
• Pass-through SIP registration on IP-PBX
• Remote FW/NAT traversal
• Call Admission Control
• Topology Hiding
• TLS and SRTP encryption
• No VPN required
Ext 101
Ext 102
26. Multi-Site Consolidation
WAN
© 2014 Sangoma Technologies 26
SBC:
• Remove Multi-Sites PRIs
• Performs SIP Security Functions
• SIP Harmonization
• Media Harmonization
• Intelligent Call Routing
• Sophisticated Dial Plans
Vega eSBC
ITSP SIP SIP
IP-PBX
SIP IP
IP-PBX
IP-PBX
SIP
WAN SIP
27. Carrier SBC For Hosted PBX
• Advantages
– Known demarcation point
– Reduces interoperability issues/resource with core
– Transcoding if required
© 2014 Sangoma Technologies 27
IP Phones
IP Network
VoIP Service
Provider
LAN VoIP
Multi-Tenant
IP PBX
28. Legacy PBX Migration to Microsoft Lync
Vega eSBC
SBC:
• Performs SIP Security Functions
• UDP/TCP Translation
• SIP Harmonization
Mediation
Server
Lync
Server
• Media Harmonization
• Intelligent Call Routing
Lync
User
• Active Directory Routing
• Unified Dial Plan
© 2014 Sangoma Technologies 28
ITSP SIP
SIP
SIP
IP-PBX
Active
Directory
29. Microsoft Lync Transition with Analog Lines
SBC:
• Performs SIP Security Functions
• UDP/TCP Translation
• SIP Harmonization
• Media Harmonization
• Intelligent Call Routing
• Active Directory Routing
• Unified Dial Plan
© 2014 Sangoma Technologies 29
Vega eSBC
Mediation
Server
Lync
Server
Lync
User
ITSP SIP
SIP
SIP
Vega 5000
Active
Directory
Analog 5000
30. SIP Signaling Conversion
• Convert SIP over TCP to SIP over UDP
• Some devices require SIP/TCP
– e.g. Microsoft Lync
© 2014 Sangoma Technologies 30
32. Carrier SBC for SIP Carrier
Softswitch
ITSP
SBC
Broadband
NAT/FW
NAT/FW
SIP
SIP
SIP SIP
ATA
NAT/FW
SIP
SIP
SBC:
• Performs SIP Security Functions
• Peering with Other SIP Providers
• SIP Harmonization
• Media Harmonization
• Far End NAT Traversal
• Call Admission Control
Residential
Residential
SOHO
SIP
© 2014 Sangoma Technologies 32
33. SIP Trunking
This NetBorder SBC
protects the ITSP’s network
© 2014 Sangoma Technologies 33
34. SIP Network Peering/IP Carrier Interconnect
• Use IP for inter-carrier links
• No TDM conversion required:
– Decrease complexity
– Better voice quality, less delay, less transcoding
© 2014 Sangoma Technologies 34
35. Carrier Interconnect Mediation
• Secure carrier network
• Normalize SIP messaging (easy interop)
• Transcoding between carriers
© 2014 Sangoma Technologies 35
37. Typical Service Provider SBC Deployment
• Hosted PBX Service
• SBC Protects SP’s Network; performs far end NAT traversal, etc.
• Each VoIP phone sends all SIP protocol messages to SP’s
Softswitch via SBC (phone’s outbound proxy settings)
• SBC is critical; if it fails no service for 1000s of users
Internet
Softswitch
© 2014 Sangoma Technologies 37
Router
NAT
FW
Service
Provider
38. Load Balancing SBCs with DNS SRV
Internet
Softswitch
© 2014 Sangoma Technologies 38
Router
NAT
FW
Service
Provider
DNS Server
sbc1
10.10.0.10
sbc2
10.10.0.20
DNS SRV Record Query for ‘carrier.com’
_sip._udp.carrier.com 60 IN SRV 10 50 5060 sbc1.carrier.com
_sip._udp.carrier.com 60 IN SRV 10 50 5060 sbc2.carrier.com
DNS A Record Query
sbc1.carrier.com = 10.10.0.10
sbc2.carrier.com = 10.10.0.20
Same priority and weight
entries:
• sbc1 and sbc2 would each
get 50% of the traffic load
• If one SBC becomes
unavailable, remaining
machine takes the load
1
2
Domain: carrier.com
39. Failover SBCs with DNS SRV
Internet
Softswitch
© 2014 Sangoma Technologies 39
Router
NAT
FW
Service
Provider
DNS Server
sbc1
10.10.0.10
sbc2
10.10.0.20
DNS SRV Record Query for ‘carrier.com’
_sip._udp.carrier.com 60 IN SRV 10 50 5060 sbc1.carrier.com
_sip._udp.carrier.com 60 IN SRV 20 50 5060 sbc2.carrier.com
DNS A Record Query
sbc1.carrier.com = 10.10.0.10
sbc2.carrier.com = 10.10.0.20
• Different Priorities
• Lower Priority tried first:
sbc1.carrier.com
• If sbc1.carrier.com
unavailable:
sbc2.carrier.com
1
2
Domain: carrier.com
40. DNS SRV: Countless Other Scenarios
• DNS SRV records not limited to 2 lines
• Could implement several scenarios:
– M-ways load balancing
– M-ways load balancing; N-way failover
• Example:
• _sip._udp.carrier.com 60 IN SRV 10 60 5060 sbc1.carrier.com
• _sip._udp.carrier.com 60 IN SRV 10 20 5060 sbc2.carrier.com
• _sip._udp.carrier.com 60 IN SRV 10 10 5060 sbc3.carrier.com
• _sip._udp.carrier.com 60 IN SRV 10 10 5060 sbc4.carrier.com
• _sip._udp.carrier.com 60 IN SRV 20 0 5060 sbc5.carrier.com
• The first 4 SBC would share the load at 60%, 20%, 10% and 10% respectively
• If the first 4 SBCs should become unavailable, sbc5 would take the load
© 2014 Sangoma Technologies 40
42. SBC Walkthrough
• For the walkthrough, we will cover the following
topics:
– Logging into your SBC
– System Overview and Services
– Configuring your Signaling Interfaces
– Configuring your Media Interfaces
© 2014 Sangoma Technologies 42
44. Signaling Interfaces – Highlights
• Each interface used for signaling is displayed, with the ability to edit that interface
• User can create multiple virtual interfaces
• Multiple virtual interfaces can be created and applied to a single physical interface
• User can create VLAN interfaces if the SBC is sitting in a specific VLAN
• Multiple VLAN interfaces can be applied to a single physical interface
© 2014 Sangoma Technologies 44
45. Signaling Interfaces – Configuring an Interface
• Simplistic Configuration of signaling interface
• Select from either a static IP assignment or a dynamic DHCP assignment
• Apply an appropriate IP address and Network Mask to the interface
• Options can be an variation of any Linux Ethernet ethtool options
• Ex. speed 1000 duplex full autoneg off
© 2014 Sangoma Technologies 45
46. Signaling Interfaces – sngdsp Interface
• The SNGDSP interface is a special interface within the
SBC
• The interface controls all the interactions between the
media adapters and the SBC
• When configuring the SBC, the sngdsp interface must be
on a “non-routable” network or a WAN/DMZ IP address
– IP address configuration depends on whether you will be
configuring the media adapters in exposed or hidden mode.
This will be explained when looking at the media interfaces.
© 2014 Sangoma Technologies 46
47. Media Interfaces – Highlights
• Outlines the way the media interfaces are configured and details information on each Media DSP
© 2014 Sangoma Technologies 47
adapter
• Media Server configuration is the method in which the DSPs are configured
• Hidden mode hides the DSPs from the environment
• Exposed mode exposes the DSPs to the environment. If in exposed mode, each DSP must have a
routable IP address configured.
• Software mode identifies that no SngDsp interface is installed. Transcoding and TLS/SRTP are
disabled. This is found only in the software only version of the SBC.
• Each SngDsp interface will come with preinstalled adapters. This will depend on which hardware version
of the SBC is purchased.
• The DSP version, MAC address, and assigned IP and RTP ports will be displayed. You can edit
each individually if required.
49. First Practical
• Log in to SBC default details:
– User : root
– Password: sangoma
– Default IP address 192.168.2.2
• Configure Signaling & Media Interfaces
© 2014 Sangoma Technologies 49
– Structure of WebUI
52. What is an SBC and why have one?
• SBCs are installed at the edge of VoIP Networks to facilitate
end to end VoIP transmission without compromising network
security
• Essential for several reasons:
– New security issues introduced with SIP protocol
– Fix interoperability issues
• SBC are typically implemented as Back to Back User Agents
(B2BUA)
– All SIP and media (voice) traffic transit through SBCs
© 2014 Sangoma Technologies 52
53. Vega Enterprise SBC
• Appliance
– 25-250 Sessions
– H/W DSP acceleration
– 1U/2 x 1 GE ports
• Software Version
– 25-500 Sessions/Self-Contained ISO
– VM requirements
• 1 Core/1 GB RAM/Bridged
• Software/Hybrid Version –UNIQUE
– 25-500 Sessions/Self-Contained ISO
– VM requirements
• 1 Core/1 GB RAM/Bridged
– H/W DSP acceleration
D150
© 2014 Sangoma Technologies 53
54. NetBorder Carrier SBC
• Appliance
– 250-4000 Sessions
– H/W DSP acceleration
– 1U/2 x 1 GE ports
– RAID 1
© 2014 Sangoma Technologies 54
55. Failover SBCs with DNS SRV
Internet
Softswitch
© 2014 Sangoma Technologies 55
Router
NAT
FW
Service
Provider
DNS Server
sbc1
10.10.0.10
sbc2
10.10.0.20
DNS SRV Record Query for ‘carrier.com’
_sip._udp.carrier.com 60 IN SRV 10 50 5060 sbc1.carrier.com
_sip._udp.carrier.com 60 IN SRV 20 50 5060 sbc2.carrier.com
DNS A Record Query
sbc1.carrier.com = 10.10.0.10
sbc2.carrier.com = 10.10.0.20
• Different Priorities
• Lower Priority tried first:
sbc1.carrier.com
• If sbc1.carrier.com
unavailable:
sbc2.carrier.com
1
2
Domain: carrier.com
56. Signaling Interfaces – Highlights
• Each interface used for signaling is displayed, with the ability to edit that interface
• User can create multiple virtual interfaces
• Multiple virtual interfaces can be created and applied to a single physical interface
• User can create VLAN interfaces if the SBC is sitting in a specific VLAN
• Multiple VLAN interfaces can be applied to a single physical interface
© 2014 Sangoma Technologies 56
57. Signaling Interfaces – sngdsp Interface
• The SNGDSP interface is a special interface within the
SBC
• The interface controls all the interactions between the
media adapters and the SBC
• When configuring the SBC, the sngdsp interface must be
on a “non-routable” network or a WAN/DMZ IP address
– IP address configuration depends on whether you will be
configuring the media adapters in exposed or hidden mode.
This will be explained when looking at the media interfaces.
© 2014 Sangoma Technologies 57
58. Media Interfaces – Highlights
• Outlines the way the media interfaces are configured and details information on each Media DSP
© 2014 Sangoma Technologies 58
adapter
• Media Server configuration is the method in which the DSPs are configured
• Hidden mode hides the DSPs from the environment
• Exposed mode exposes the DSPs to the environment. If in exposed mode, each DSP must have a
routable IP address configured.
• Software mode identifies that no SngDsp interface is installed. Transcoding and TLS/SRTP are
disabled. This is found only in the software only version of the SBC.
• Each SngDsp interface will come with preinstalled adapters. This will depend on which hardware version
of the SBC is purchased.
• The DSP version, MAC address, and assigned IP and RTP ports will be displayed. You can edit
each individually if required.
60. Conceptual Overview
© 2014 Sangoma Technologies 60
Carrier
SIP Trunk
External
SIP Profile
External
Media Profile
Domain
Profile
Inbound Call
Routing
Internal
SIP Trunk
Internal
SIP Profile
Internal
Media Profile
Outbound
Call Routing
62. SIP Profile Overview
Carrier
SIP Trunk
© 2014 Sangoma Technologies 62
1
External
SIP Profile
External
Media Profile
Domain
Profile
Inbound Call
Routing
Internal
SIP Trunk
Internal
SIP Profile
Internal
Media Profile
Outbound
Call Routing
63. What is a SIP Profile?
• A SIP Profile defines a SIP interface in the SBC
• The SIP profile defines a set of SIP attributes that are
associated to the SIP interface on the SBC
• The SIP Profile is used as a portal external endpoints or
Trunks which connect to the SBC
• An IP interface address and port are bound exclusively to the
SIP Profile
• As part of the config call routing plans, domain profiles, media
profiles, and SIP trunks are bound to the SIP profiles
© 2014 Sangoma Technologies 63
64. SIP Profile Overview
• Any call, whether inbound or outbound, gets processed
within a SIP profile
• Profile has a choice where to send the call based on call
routing
• In general, there is always a minimum of 2 profiles within
an SBC
– One is internal
– One is external
© 2014 Sangoma Technologies 64
65. SIP Profiles
• SIP Profiles can be managed from the SIP Profile menu option which is contained
© 2014 Sangoma Technologies 65
under Configuration
• A list of all the configured SIP Profiles is listed, with the ability of modifying a profile or
removing it entirely
• The ability to sort and search is also available to users who have multiple SIP Profiles
• This would happen if the SBC is being used in a multi-tenant or carrier situation
67. Domain Profile Overview
Carrier
SIP Trunk
© 2014 Sangoma Technologies 67
1
2
External
SIP Profile
External
Media Profile
Domain
Profile
Inbound Call
Routing
Internal
SIP Trunk
Internal
SIP Profile
Internal
Media Profile
Outbound
Call Routing
68. What is a Domain Profile?
• A domain, or a SIP realm, is a component within SIP which is used
to authenticate users within the SIP Registration process
• Domain profiles are used to define the way users will authenticate
with the SBC
– Local authentication is used when users will register with the SBC
– Upper registration is used when users will register to a softswitch or a IP-PBX
through a SBC
• This enables topology hiding so that no one outside of the corporate network knows
about the equipment sitting behind the SBC
• If using IP authentication, you will not require a domain profile
© 2014 Sangoma Technologies 68
69. Domain Profile Overview
• When a registration arrives into a SIP profile, the SIP profile
then sends off that request to the domain profile which is
bound to it
• The domain profile details where to send the registration
request
– Local authentication challenges the registration from within the SBC
• User information is stored within the SBC
– Upper registration proxies the request to an IP-PBX or softswitch so
that the registration request can be validated
• User information is stored within the IP-PBX or the softswitch
© 2014 Sangoma Technologies 69
70. Domain Profiles
• Domain profiles can be managed from the Domain Profile menu option within the
Configuration menu
• Domain profiles can be either a domain name
(ex. Sangoma.com) or an IP address (ex. 10.82.1.254)
• The name of the domain profile must correspond to the way users register to
either the SBC
– If the users will register to a domain name, the name of the domain profile MUST be that
domain name (i.e. 132@sangoma.com)
– If the users will register with an IP address, the name of the domain profile MUST be the IP
address (i.e. 132@10.82.1.254)
© 2014 Sangoma Technologies 70
72. Media Profile Overview
Carrier
SIP Trunk
© 2014 Sangoma Technologies 72
1
External 2
SIP Profile
External
Media Profile
Domain
Profile
Inbound Call
Routing
Internal
SIP Trunk
Internal
SIP Profile
Internal
Media Profile
Outbound
Call Routing
73. What is a Media Profile?
• A media profile is a list of attributes which defines
what audio codecs are used on a per call basis
• It also describes how DTMF (Dual Tone Multiple
Frequency) will be handled within the SIP profile
© 2014 Sangoma Technologies 73
74. Media Profile Overview
• The media profile deals with the codec negotiation which
occurs before a call is established
• Media profiles have a list of codecs within them, and detail
how the process will occur
– Either the remote end will choose the codec or the SBC will choose
the codec
• Codec negotiation is usually performed within the SIP SDP
(Session Description Protocol)
– The SDP is usually found in the SIP 200 OK message which is sent
prior to call establishment and the flow of RTP
© 2014 Sangoma Technologies 74
75. Media Profiles
• Media profiles are used to determine which audio codecs will be used with SIP profiles
– Multiple codecs are only available on the Carrier, Enterprise, or Hybrid SBCs
– The software version of the SBC will only allow G.711
• You can also choose the codec negotiation mode, DTMF (Dual-Tone Multi Frequency) mode, and
whether to enable/disable silence suppression
• By default, only 1 profile is created
– Multiple profiles can be created
– No limit to the amount of profiles
– You can create an inbound profile and outbound profile, then use that in your SIP profiles
– Possibilities are endless…
© 2014 Sangoma Technologies 75
76. Media Profile – Codecs
• An audio codec is a program implemented as an algorithm that
compresses and decompresses digital audio data
• 5 codecs can be configured per media profile
– 10 different codecs to choose from with multiple variations of each codec
– Codecs available:
• G.711 PCMU
• G.711 PCMA
• G.729
• AMR
• iLBC
• GSM
• G.722
• G.722.1
• G.723
• G.726
© 2014 Sangoma Technologies 76
78. Carrier
SIP Trunk
Internal
SIP Trunk
External
Media Profile
SIP Trunk Overview
1
4
External
SIP Profile
Domain
Profile
Inbound Call
Routing
Internal
SIP Profile
Internal
Media Profile
Outbound
Call Routing
© 2014 Sangoma Technologies 78
79. What is a SIP Trunk?
• SIP trunks are used to create a communication path
between 2 SIP aware endpoints
• Trunks can be used to communicate with SIP
carriers or with IP-PBXs
– It is the description of how the SBC will communicate with
that endpoint
– Example: IP address, port, etc.
© 2014 Sangoma Technologies 79
80. SIP Trunk Overview
• In a scenario where a call is trying to be established,
the SIP profiles need to know about the endpoints
• SIP trunking allows for the profiles to be aware of
where calls may originate from
– Calls will arrive from a trunk, then are processed within the
profile, then are sent to call routing in order to redirect to a
different trunk
© 2014 Sangoma Technologies 80
81. SIP Trunks
• SIP trunks attach to SIP profiles from within the trunk
configuration
• Multiple SIP trunks can be created
– A SIP profile can control multiple SIP trunks, but a SIP
trunk can only be bound to a single SIP profile
© 2014 Sangoma Technologies 81
83. What is Call Routing
• Call routing is the process used to route telephone calls
across a telephony network
• The process is the same whether calls are made
between two phones in the same locality, or across two
different continents
© 2014 Sangoma Technologies 83
84. Call Routing Concepts
© 2014 Sangoma Technologies 84
Carrier
SIP Trunk
External
SIP Profile
External
Media Profile
Domain
Profile
Internal
SIP Trunk
Internal
SIP Profile
Ingress
Header
Manipulation
Ingress
Header
Manipulation
Internal
Media Profile
Inbound Call
Routing
Egress Header
Manipulation
Outbound
Call Routing
Egress Header
Manipulation
1
4
85. Call Routing Concepts
• There are three concepts to call routing:
1. Condition
• The outcome this routing rule is addressing
• The condition statement is used to determine how the call will be dealt if the rule turns out to be
true or false
• Example: Check the destination number is +19054741990
2. Action to be performed if true
• What action will be performed if the condition is found to be true?
• Example: Bridge to a different SIP trunk
3. Action to be performed if false
• What action will be performed if the condition is found to be false?
• Example: Send the originator a 503 service unavailable message
© 2014 Sangoma Technologies 85
86. Call Routing Explained
• Routing rules are created in order to direct calls received from one
interface, and bridge it out to the next interface
– SIP profiles or SIP trunks are used to bridge calls
• Routing rules can be as simple as bridging between trunks, or as
complicated as choosing from a different carrier due to costs of
routing
• There are two different methods for creating routing rules within the
SBC
– Basic Routing
– Advanced Routing
© 2014 Sangoma Technologies 86
87. Basic Call Routing
• Basic call routing uses the graphic user interface of the SBC
to allow users to create routing rules
• It is modeled so that anyone would be able to create almost
any type of scenario without the need to learn XML
• Each basic dialplan can have multiple rules associated with it
– Each rule deals with a specific condition which needs to be met
– You can program the rule to continue to the next rule if it passes or
fails
© 2014 Sangoma Technologies 87
88. Basic Dialplan Aggregated View
• First section deals with default parameters for that particular dialplan
• Second section deals with the specific rules which will be processed
within the dialplan
– Each rule is described based on the selections chosen within the rule configuration
© 2014 Sangoma Technologies 88
89. Advanced Call Routing
• For advanced users, there is a way to build dialplans using the advanced
call routing engine
• Advanced call routing is based on XML
• There is no need to build multiple rules
– All rules are added into a single XML file
– Rules are separated by the different conditions
• There are different editors built into the advanced dialplan that a user may
choose from:
– Standard text editor
– Vim editor
– Emacs editor
© 2014 Sangoma Technologies 89
92. SBC Walkthrough
• Will cover the following configurable sections within
the SBC:
– SIP Profiles
– SIP Trunks
– Domain Profiles
– Call Routing
© 2014 Sangoma Technologies 92