ACLI Configuration Element Changes
The following tables summarize the ACLI configuration element changes in the Oracle Communications Session Border Controller S-Cz9.2.0 release.
SIP Config
| New Attributes | Description |
|---|---|
| session-router, sip-config, precondition-enhancement | Enables preconditions behaviors, including Dynamic Preconditions, PEM Gating, Changing the Media Direction Attribute, and the Optional Strength Tag Support |
Realm Config
| Modified Elements | Description |
|---|---|
| media-manager, realm-config, in-translationid | This attribute has been removed. |
| media-manager, realm-config, out-translationid | This attribute has been removed. |
| media-manager, realm-config, in-session-translations | This element has been added. Use this element to configure ingress session translations. |
| media-manager, realm-config, in-session-translations, in-session-translation-id | Identify the session translation id to apply to ingress headers. |
| media-manager, realm-config, in-session-translations, state | Enable or disable this session translation. |
| media-manager, realm-config, in-session-translations, move | Change the order of execution of the session translation rules. |
| media-manager, realm-config, out-session-translations | This configuration element has been added. Use this element to configure egress translations. |
| media-manager, realm-config, out-session-translations, out-session-translation-id | Identify the session translation id to apply to egress headers. |
| media-manager, realm-config, out-session-translations, state | Enable or disable this session translation. |
| media-manager, realm-config, out-session-translations, move | Change the order of execution of the session translation rules. |
| media-manager, realm-config, fqdn-hostname | The FQDN hostname to be used in messages. |
| media-manager, realm-config, fqdn-hostname-in-header | The headers where the FQDN hostname can be applied. |
| media-manager, realm-config, P-Asserted-Identity | The string you want to use to set the identity within PAI headers for this realm's egress traffic |
| media-manager, realm-config, P-Asserted-Identity-For | The method header to match for inserting PAI headers. |
Session Agent
| Modified Elements | Description |
|---|---|
| session-router, session-agent, in-translationid | This attribute has been removed. |
| session-router, session-agent, out-translationid | This attribute has been removed. |
| session-router, session-agent, in-session-translations | This element has been added. Use this element to configure ingress session translations. |
| session-router, session-agent, in-session-translations, in-session-translation-id | Identify the session translation id to apply to ingress headers. |
| session-router, session-agent, in-session-translations, state | Enable or disable this session translation. |
| session-router, session-agent, in-session-translations, move | Change the order of execution of the session translation rules. |
| session-router, session-agent, out-session-translations | This configuration element has been added. Use this element to configure egress translations. |
| session-router, session-agent, out-session-translations, out-session-translation-id | Identify the session translation id to apply to egress headers. |
| session-router, session-agent, out-session-translations, state | Enable or disable this session translation. |
| session-router, session-agent, out-session-translations, move | Change the order of execution of the session translation rules. |
| session-router, session-agent, fax-servers | Add a fax server group. |
System Config
| Modified Elements | Description |
|---|---|
| system, system-config, collect | This element is no longer visible when the product is SLB. |
| system, system-config, link-redundancy-state | Attribute is not present in 9.2. |
| system, system-config, log-tls-key | Enable logging TLS keys |
| system, system-config, httpclient-max-total-conn | The total number of TCP connections allowed by HTTP clients. |
| system, system-config, httpclient-max-cpu-load | The maximum CPU percentage for HTTP clients. |
TLS 1.3
| Modified Elements | Description |
|---|---|
| security, tls-profile, tls-version | The tls-version attribute has a new default value: tlsv13. |
Translation Rules
| Modified Elements | Description |
|---|---|
| session-router, translation-rules, type | This attribute has been removed. |
| session-router, translation-rules, add-string | This attribute has been removed. |
| session-router, translation-rules, add-index | This attribute has been removed. |
| session-router, translation-rules, delete-string | This attribute has been removed. |
| session-router, translation-rules, delete-index | This attribute has been removed. |
| session-router, translation-rules, description | This attribute has been added. Provide a description of this translation rule. |
| session-router, translation-rules, input-header-type | This attribute has been added. Select the ingress header on which to perform a translation rule. |
| session-router, translation-rules, input-header-value | This attribute has been added. Enter a regex pattern to identify which part of the ingress header will be manipulated. |
| session-router, translation-rules, output-header-type | This attribute has been added. Select the egress header that will contain the previously captured information. |
| session-router, translation-rules, output-header-value | This attribute has been added. Enter the regex pattern that will create the value of the egress header. |
Session Translation
| Modified Elements | Description |
|---|---|
| session-router, session-translation, rules-calling | This attribute has been removed. |
| session-router, session-translation, rules-called | This attribute has been removed. |
| session-router, session-translation, rules-asserted-id | This attribute has been removed. |
| session-router, session-translation, rules-redirect | This attribute has been removed. |
| session-router, session-translation, rules-history-info | This attribute has been removed. |
| session-router, session-translation, rules-isup-cdpn | This attribute has been removed. |
| session-router, session-translation, rules-isup-cgpn | This attribute has been removed. |
| session-router, session-translation, rules-isup-gn | This attribute has been removed. |
| session-router, session-translation, rules-isup-rdn | This attribute has been removed. |
| session-router, session-translation, rules-isup-ocn | This attribute has been removed. |
| session-router, session-translation, id | This attribute has been added. Provide a name for this set of translation rules. |
| session-router, session-translation, session-trans-rule | This configuration element has been added. |
| session-router, session-translation, session-trans-rule, rule-id | Identify the id of the translation rule that you want to apply. |
| session-router, session-translation, session-trans-rule, mandatory | Determine whether this translation-rule is required or not. |
| session-router, session-translation, session-trans-rule, state | Enable or disable this translation-rule. |
| session-router, session-translation, session-trans-rule, move | This command has been added. Change the order in which the translation rules are run. |
Media Security
| New Attributes | Description |
|---|---|
| security, media-security, media-sec-policy | Configure a media security policy to apply to inbound or outbound traffic. |
| security, media-security, sdes-profile | Configure an SDES profile. |
| security, media-security, sipura-profile | Configure a Sipura/Linksys profile. |
Home Subscriber Server
| New Attributes | Description |
|---|---|
| session-router, home-subscriber-server, options | A new options attribute exists in this release. |
Local Policy
| New Attributes | Description |
|---|---|
| session-router, local-policy, policy-attributes, move | Move the position of a policy attribute. |
| session-router, local-policy, parallel-forking, | Used for forking a call in parallel to policy-attributes |
MSRP Config
| New Attribute | Description |
|---|---|
| media-manager, msrp-config, msrp-kpi | Enable or disable MSRP KPI statistics. |
SIP Interface
| New Attributes | Description |
|---|---|
| session-router, sip-interface, allow-diff2833-clock-rate-mode | Specifies whether and how the SBC can present an SDP answer towards ingress that contains a telephone-event clock rate that is not the same as the audio codec clock rate. |
Steering Pool
| New Attributes | Description |
|---|---|
| media-manager, steering-pool, port-allocation-strategy | Select the appropriate strategy for this steering pool based on media type support in this realm. |
STI Header Mapping Rules
| New Attributes | Description |
|---|---|
| session-router, sti-header-mapping-ruleset | Multi-instance element allowing you to create header manipulations that target Stir/Shaken traffic. |
| session-router, sti-header-mapping-ruleset, name | Specifies a unique identifier for this sti-header-mapping-ruleset. You use this name when you apply the ruleset to either a sti-server or the sti-config. |
| session-router, sti-header-mapping-ruleset, mapping-rules | Multi-instance element from which you create rules for manipulating headers within Stir/Shaken traffic. |
| session-router, sti-header-mapping-ruleset, mapping-rules, id | Specifies a unique identifier for this mapping-rule. |
| session-router, sti-header-mapping-ruleset, mapping-rules, source-header | Specifies the header within an HTTP request or a SIP INVITE from which you create changes to the target-header. You can use Regex syntax to refine the selection of the header components that you apply to the target-header. |
| session-router, sti-header-mapping-ruleset, mapping-rules, target-header | Specifies the header you modify, based on this rule's source-header parameter, within an HTTP request or a SIP INVITE. You can use Regex syntax to refine the insertion of the header components that you apply to this header. |
| session-router, sti-header-mapping-ruleset, mapping-rules, direction | Specifies the direction that this rule affects. Outbound causes the system to modify headers traffic to the applicable sti-server. Inbound affects headers from the sti-server. |
| session-router, sti-header-mapping-ruleset, mapping-rules, role | Specifies the role, Stir/Shaken authentication or verification, within which this rule applies. |
STI Config and STI Server
| New Attributes | Description |
|---|---|
| session-router, sti-config, use-identity-header | Causes the SBC to add a Reason header to 18x, 19x responses and 3xx, 4xx, 5xx, 6xx final responses that it sends to a callee with a cause value of “428” and the text “Use Identity Header” for all received INVITEs that did not contain an identity header. |
| session-router, sti-config, check-duplicate-passports | Enables the system to check for duplicate SHAKEN or DIV passports in a received INVITE. |
| session-router, sti-config, tn-retargeting | Enables the system to perform DIV authentication request, based on the received INVITE. |
| session-router, sti-config, verstat-comparison | Determines whether and how the system compares the verstat value present in FROM and PAI headers. |
| session-router, sti-config, dest-comparison | Specifies whether and on which header the system compares its stored TN. |
| session-router, sti-config, sti-as-correlation-id | Adds the SipCallId parameter to REST authentication requests to the STI-AS. |
| session-router, sti-config, reason-json-sip-translation | Creates a Reason header from the parameters reasoncode and reasontext, if received from the STI-VS. |
| session-router, sti-config, sti-header-mapping-ruleset-name | Name of this STI Header Mapping Ruleset you want to use as default across all sti-servers. |
| session-router, sti-config, flip-tn-lookup-order | Prioritize the FROM header over the PAI header as the source from which it retrieves a TN for use during authentication and verification procedures. |
| session-router, sti-server, role | The role of the STIR/SHAKEN server. |
| session-router, sti-server, http-rest-type | The type of the STIR/SHAKEN implementation. |
| session-router, sti-server, div-as-server-root | The STI-AS Server root URL for div authentication requests. |
| session-router, sti-server, div-vs-server-root | The STI-VS Server root URL for div verification requests. |
| session-router, sti-server, options | A new options parameter. |
| session-router, sti-server, sti-header-mapping-ruleset-name | The name of the instance of sti-header-mapping-ruleset to apply. |
DTLS-SRTP
| New Attributes | Description |
|---|---|
| security, media-security , dtls-srtp-profile, name | Unique identifier for this DTLS SRTP profile. Use this name when you apply the profile to realms. |
| security, media-security , dtls-srtp-profile, tls-profile | The name of the tls-profile you want to apply to traffic under this dtls-srtp-profile. |
| security, media-security , dtls-srtp-profile, dtls-completion-timeou | Specify the number of seconds the system waits for a DLTS handshake to finish before terminating the session. |
| security, media-security , dtls-srtp-profile, preferred-setup-role | Specify the role the system takes within the client-server context of the DTLS handshake. |
| security, media-security , dtls-srtp-profile, crypto-suite | Specifies the cryptography suite the system proposes during the DTLS handshake for encrypting media and authentication. |
| realm-config, dtls-srtp-profile | The name of the dtls-srtp-profile you want to apply to DTLS traffic on this realm |
NSEP Statistics
| New Attributes | Description |
|---|---|
| session-router, nsep-stats-profile, state | Enables or disables this nsep-stats-profile, which is a multiple element |
| session-router, nsep-stats-profile, rvalues | Lists the rvalues to be considered for per realm statistics. |
| session-router, nsep-stats-profile, feature-code | The country code STD to be used to with the dialed numbers on which you want to collect realm-based statistics. This is to be pre-pended to all configured dialed numbers. This value must be configured if any dialed number is configured. You can configure only one feature code. |
| session-router, nsep-stats-profile, dialed-numbers | Specifies the dialed numbers to be considered for per realm statistics. Use of this parameter also requires that the feature-code parameter be configured. |
| media-manager, realm-config, nsep-stats | Enable NSEP statistics on a realm. |
CCF via FQDN
| Modified Elements | Description |
|---|---|
| session-router, account-config, dns-realm | The realm where the DNS server from which the system can obtain resolutions to an FQDN hostname for a Diameter server. |
| session-router, account-config, acr-buffer-upper-threshold | New attribute. The upper threshold for the ACR buffer after which the SBC will select an alternate server. |
| session-router, account-config, acr-buffer-lower-threshold | New attribute. The lower threshold for the ACR buffer which, when reached, the SBC will select the primary server again. |
| session-router, account-config, maintain-ccf-affinity | New attribute. Enable an affinity between ACRs and CCFs so that all ACRs within a single session are sent to the same CCF (unless it goes down). |
| session-router, account-config, send-disconnect-peer-msg | New attribute. Enable or disable sending the disconnect message to a peer. |
| session-router, account-config, next-priority-selection-interval | New attribute. The time interval in minutes between routing the new call session to the next lower priority CCF after the first switch. |
| session-router, account-group, account-servers, fqdn-pool-type | New attribute. Identify whether the configured hostname FQDN belongs to the primary pool or the secondary pool. |
NTP Sync
| New Attribute | Description |
|---|---|
| ntp-sync, dns-realm | The realm on which your NTP server resides. |
New Alarms
| New Attributes | Description |
|---|---|
| session-router, sip-config, internal-503-threshold | The percentage of 503 Service Unavailable responses over the total SBC-generated messages which, once crossed, generates an alarm. |
| session-router, sip-config, internal-503-lower-threshold | The percentage of 503 Service Unavailable responses which, once crossed, informs the system that the previously generated alarm is considered resolved. |
| session-router, sip-config, 503-alarm-monitoring-time | The number of minutes before which the SBC rechecks whether the internal 503 alarm is cleared. |
| media-manager, realm-config, steering-pool-threshold | The utilization percentage for steering pools which, once crossed, generates an alarm. |
| media-manager, realm-config, steering-pool-lower-threshold | The utilization percentage for steering pools which, once crossed, the previously generated alarm is considered resolved. |
| media-manager, realm-config, steering-pool-alarm-monitoring-time | The number of minutes that a steering-pool alarm should be monitored before re-triggering. |
| session-router, session-agent, trigger-oos-alarm | Enable or disable the sending of an alarm when a Session Agent is out of service |
Surrogate Agent
| New Attributes | Description |
|---|---|
| session-router, surrogate-agent, auth-user-lookup | Enter the name of an auth-user-lookup in a realm's auth-attributes list so that the SBC uses those credentials to authenticate challenged register requests |
| session-router, surrogate-agent, proxy-name | Enter the name of the session agent you have configured as the Registrar that validates this surrogate agent's register requests for the purpose of routing to that session agent. |
| session-router, surrogate-agent, un-register | Set the de-registration state |
| session-router, surrogate-agent, source-ip-prefix | Enter the list of IP address (with optional prefix) to validate the source IP. |
TCP Port for Session Agents
The following change was introduced in S-CZ9.2.0p3.
| New Attributes | Description |
|---|---|
| session-router, session-agent, static-tcp-source-port | Set the source TCP port for the session agent. |
Updates to the STI Server Group
| Modified Element | Description |
|---|---|
| session-router, sti-server-group, strategy | The following strategy parameter values are not
supported:
|