1. ACLI Reference Guide
  2. ACLI Configuration Elements N-Z
  3. sti-config

sti-config

The sti-config object configures server connection control parameters the Oracle Communications Session Border Controller uses to manage STIR/SHAKEN server availability.

Parameters

circuit-breaker-window-duration
Specifies the time in seconds the system uses to establish the window it uses to establish the circuit breakers timing. The default is 10 seconds. The range is from 10 to 30.
circuit-breaker-error-threshold
Specifies the number of errors the system counts before it marks the server as out of service. The default is 5 errors. The range is from 3 to 10.
circuit-breaker-retry-time
Specifies the time in seconds the system uses to retry connecting to the server. The default is 15 seconds. The range is from 5 to 900.
circuit-breaker-half-open-frequency
Specifies the number of times the system skips this server while it is marked half open. The default is 6, which causes the system to re-use the server once every 6th retry. The range is from 5 to 100.
sti-signaling-attest-info-mandatory
When enabled, causes the system to check whether the mandatory headers P-Attestation-Info (or Attestation-Info) header and P-Origination-ID or (Origination-ID) header are present in received INVITE. If either of these headers are missing, the system does not sent an attestation request to the STI server.
  • Default: disabled
  • Values: enabled | disabled
anonymous-uri-add-verstat-to-hostpart
This parameter determines the system's placement of the verstat parameter when the received INVITE does not contain a P-Asserted-IDentity header, but does contain a Privacy header and an anonymous URI in the FROM. When enabled, the system adds the verstat parameter after the hostpart of the anonymous From URI. When disabled, the system adds the verstat parameter after the user-part of the anonymous From URI.
  • Default: disabled
  • Values: enabled | disabled
use-identity-header

When enabled in conjunction with STI verification, this parameter causes the SBC to add a Reason header to 18x, 19x responses and 3xx, 4xx, 5xx, 6xx final responses that it sends to a callee with a cause value of “428” and the text “Use Identity Header” for all received INVITEs that did not contain an identity header.

  • Default: disabled
  • Values: enabled | disabled
check-duplicate-passports

Enables the system to check for duplicate SHAKEN or DIV passports in a received INVITE. If it finds duplicates, the system deletes one of the duplicates from the INVITE.

  • Default: disabled
  • Values: enabled | disabled
tn-retargeting

Enables the system to perform DIV authentication request, based on the received INVITE.

  • Default: disabled
  • Values: enabled | disabled
verstat-comparison

To support authentication processes, determines whether and how the system compares the verstat value present in FROM and PAI headers with the values present in this parameter. If a value matches, then the system accepts the validation and performs only DIV authentication processes. If the value is empty, the system does not perform the comparison.

  • Default: Empty
  • TN-Validation-Passed
  • TN-Validation-Passed
  • No-TN-Validation
  • TN-Validation-Failed
dest-comparison
Specifies whether and on which header the system compares its stored TN with either the Request-URI or the To header in received INVITEs with the {dest} value in the SHAKEN passport. If the value is empty, the system does not perform the comparison.
  • Default: Empty
  • Request-URI
  • To
sti-as-correlation-id
When enabled, the system adds the SipCallId parameter to REST authentication requests to the STI-AS. This parameter contains the information from the corrID parameter in the P-NokiaSiemens.Session-Info SIP header.
Values include:
  • Default: disabled
  • Values: enabled | disabled
reason-json-sip-translation
When enabled, the system creates a Reason header from the parameters reasoncode and reasontext, if received from the STI-VS. The system also adds this Reason header to the egress INVITE.
sti-header-mapping-ruleset-name
Name of this STI Header Mapping Ruleset you want to use as default across all sti-servers. A ruleset name configured against a sti-server takes precedence for that server over this ruleset.
flip-tn-lookup-order

When enabled, the system prioritizes the FROM header over the PAI header as the source from which it retrieves a TN for use during authentication and verification procedures.

  • Default: disabled
  • Values: enabled | disabled
sti-response-treatment-config-name
Specifies the name of the sti-response-treatment-config to apply to this sti-config with which the system can attempt to match the contents of each received sti-vs response for the purpose of rejecting the associated call.
max-retry-attempts
The number of attempts the system tries sending a request to a new sti-server within the sti-server-group unless a server responds or sip transaction times out.

Values include:

  • Default: 0 (disabled)
  • Values: 0 to 30
options
Establish customer-specific features and/or parameters. This value can be a comma separated list of “feature=<value>" or "feature" parameters.
sti-reason-header-config-name
Specifies the sti-reason-header-config object you want to apply globally. This parameter takes the value of the applicable name parameter within a sti-reason-header-config object.
stop-adding-verstat-towards-caller
Enables the system to stop adding the verstat parameter to all SIP messages it sends toward the calling party. Enabling this parameter also causes the system stop adding the verstat to in-dialog requests towards the calling party. Values include:
  • disabled (Default)
  • enabled
stivs-bypass-header
Enables the system to bypass STI-AS signature request process when the system finds the SIP header you set as the parameter's value in the incoming SIP INVITE request. Whenever the system detects the configured SIP header in an ingress SIP INVITE that is subject to STI-VS verification, the system bypasses the trigger to STI-VS and adds verstat=No-TN-Validation to the egress INVITE.

Values include:

  • <SIP header name>
stias-bypass-header
Enables the system to bypass STI-VS verification request process when the system finds the SIP header you set as the parameter's value in the incoming SIP INVITE request. Whenever the system detects the configured SIP header in an ingress SIP INVITE that is subject to STI-AS authentication, the system bypasses the trigger to STI-AS.

Values include:

  • <SIP header name>

Path

sti-config is an element under the session-router branch. The full path from the topmost ACLI prompt is: configure terminal , and then session-router , and then sti-config.