Preconditions and Multiple Early Dialog

You can configure the SBC with the enhancement described here to overcome limitations in Multiple Early Dialogs (MED) call flows. To support the use of MED with preconditions, the SBC implements preconditions processing at the dialog level.

See the Preconditions and Multiple Early Dialog section in the SIP Signaling Services chapter of the ACLI Configuration Guide for detailed information.

Reject Non-Emergency Traffic using Emergency DSCP

You can configure the SBC to reject traffic that uses emergency DSCP codes to designate itself as emergency traffic. This function applies to calls from both registered and unregistered endpoints and for both UDP and TCP traffic.

See the Reject Non-Emergency Traffic using Emergency DSCP section in the SIP Signaling Services chapter of the ACLI Configuration Guide for detailed information.

Realm Based SIP Method Statistics for SNMP

You can configure the SBC to generate SIP method statistics for SUBSCRIBE, NOTIFY, and MESSAGE requests on a realm basis by enabling the snmp-sipmethod-stats parameter in the applicable realm-config. These statistics are only available when you perform an SNMP WALK, GET or SNMPGETNEXT from you SNMP manager.

See the Realm Based SIP Method Statistics section in the SNMP Configuration chapter of the MIB Guide for detailed information.

Supporting IOI AVPs for Unregistered Endpoints

You can configure the SBC to include the Originating-IOI and Terminating-IOI AVPs within ACRs and Diameter based CDRs for unregistered endpoints in addition to registered endpoints. Support for registered endpoints is available without special configuration. For unregistered endpoints, you enable the ioi-for-unregistered option within the account-config element.

See the Supporting IOI AVPs for Unregistered Endpoints section in the Diameter Accounting chapter of the Accounting Guide for detailed information.

Suppressing Re-INVITEs for Call Hold/Resume Dialogs

You can configure the SBC to suppress Re-INVITEs for Call Hold/Resume dialogs and REPLACES dialogs to reduce excess signaling traffic. From the perspective of the SBC, a re-INVITE on one side of a session does not necessarily need to be forwarded to other side. When the SBC receives a Re-INVITE that triggers, for example, a call hold, it can suppress that message from being sent out the egress and handle the transaction locally, between itself and the endstation that sent the re-INVITE. For this feature to work correctly, the applicable Hold and Resume Re-INVITEs must include SDP.

See the Suppressing Re-INVITEs for Call Hold/Resume Dialogs section in the SIP Signaling chapter of the ACLI Configuration Guide for detailed information.

Support of Adaptive HNT for TCP endpoints

The SBC supports Adaptive Host NAT Traversal (AHNT) over TCP in addition to UDP. TCP AHNT configuration and behavior is largely the same as for UDP. You use sip-interface parameters that are equivalent to, but separate from the UDP parameters to configure Adaptive HNT for TCP.

See the Adaptive HNT over TCP section in the SIP Signaling chapter of the ACLI Configuration Guide for detailed information.

Incoming Request Validation

You can configure the SBC to validate a specific set of requests and respond to these requests with the behaviors presented here when you enable the ntt-request-valid SPL option. This validation works using Surrogate Register SPL options within SurrogateRegister.spl and in conjunction with other NTT Message Converter SPL options. This processing compares values within the request, and only processes the call if they match. If they do not match, the SBC replies with responses specific to each scenario.

See the Request Validation section in the SBC Processing Language (SPL) chapter of the ACLI Configuration Guide for detailed information.

Mapping SIP to HTTP Parameters

You can configure the SBC with static mapping of signaling information to and from SIP INVITEs and HTTP requests or responses. This mapping provides a means of conveying SIP header and parameter information, including ICID information within HTTP headers and vice-versa. The HTTP exchanges can be during authentication and verification procedures. This feature applies to both ATIS and 3GPP modes.

See the HTTP Header Manipulation section in the STIR/SHAKEN chapter of the ACLI Configuration Guide for detailed information.

Suppression of Subsequent 18x Messages

You can configure the SBC to suppress some provisional 180 or 183 messages from a UAS within call-setup transactions to reduce excess signaling traffic. The system forwards only the first 180 or 183 and suppresses all of the subsequent 180 and 183 messages until it receives a 200 OK from the UAC. You configure this feature using an SPL option within the SuppressAdditionalProvisional SPL.

See the Suppression of Subsequent 18x Messages section in the SIP Signaling chapter of the ACLI Configuration Guide for detailed information.

Additional STUN Candidate for RTCP

You can configure the SBC to establish a collapsed flow between itself and any STUN endpoint by enabling the rtcp-stun parameter in the applicable ice-profile. The system uses this flow for both RTP and RTCP, collapsing this traffic from two ports. As such, this configuration only applies when you have a realm supporting STUN with rtcp-mux disabled.

See the Additional STUN Candidate for RTCP section in the Advanced Media Termination Support chapter of the ACLI Configuration Guide for detailed information.

IPv4/IPv6 MSRP Packet Trace Remote Support

You can use the SBC remote capture feature to analyze MSRP traffic, including the TCP handshake to set up connections and support MSRP traffic as well as IPv6 traffic.

See the Packet Trace Remote section in the Monitoring Guide for detailed information.

Disabling GARP and ND for out-of-subnet Addresses

You can configure the SBC to limit its use of Gratuitous Address Resolution Protocol (GARP) or Network Discovery (ND). Specifically, you can prevent the system from performing this function for each sip-interface that is not in the same subnet as the network-interface on which they operate. External systems typically reach these addresses through static routes or other routing configurations, making the use of GARP and ND unnecessary for them.

See the Disabling GARP and ND for out-of-subnet Addresses section in the System Configuration chapter of the ACLI Configuration Guide for detailed information.

Rejecting Calls During Verification

You can configure the SBC to reject calls based on the verstat and reason code from sti-vs server. To perform this function, you configure a sti-response-treatment-entry element and apply it to the sti-config or sti-server. The SBC uses each entry to determine whether to reject any call that matches the entry with the verstat and reasoncode or with only the verstat in an STI-VS response. This function applies to both ATIS and 3GPP deployments.

See the Rejecting Calls During Verification section in the STIR/SHAKEN chapter of the ACLI Configuration Guide for detailed information.

Per Call Availability of STI Servers

In addition to circuit breakers, which prevent the SBC from continually trying to communicate with a non-responsive server, you can configure maximum retries and SIP transaction timeout responses that determine how the SBC behaves with individual calls when there are problems reaching STI servers. This feature is applicable for both authentication as well as verification.

See the Per Call Availability of STI Servers section in the STIR/SHAKEN chapter of the ACLI Configuration Guide for detailed information.

Adaptive Jitter Buffers for Transcoding Flows on vSBCs

The processing of transcoded flows on the SBC uses an adaptive jitter buffer. This feature allows the transcoding function to adapt to changes in network conditions and packet jitter. But if necessary, the jitter buffer feature (on virtual SBC platforms only) can also be adjusted to better align to specific network conditions.

See the Adaptive Jitter Buffers for Transcoding Flows on vSBCs section in the Transcoding chapter of the ACLI Configuration Guide for detailed information.

Critical Memory Switchover

You can configure a high availability deployment of the SBC to switch to the standby when the system detects memory utilization that is persistently high. Over-utilization of memory can trigger a system crash. This function reduces the risk of those crashes.

See the Critical Memory Switchover section in the System Configuration chapter of the ACLI Configuration Guide for detailed information.

Scheduled External Configuration Backup

You can configure the SBC to automatically back up its current backup configuration file dataDoc.gz, which is available at /code/gzConfig/, to an external SFTP server. This feature enhances system reliability by maintaining an off-system copy of your configuration and by making restoration processes faster.

See the Scheduled External Configuration Backup section in the System Configuration chapter of the ACLI Configuration Guide for detailed information.

RFC 6733 Compliance for the Vendor-Specific-Application-Id

You can configure the SBC to perform CER and LIR transactions over the Cx interface in compliance with RFC 6733 with respect to the contents of the Vendor-Specific-Application-Id AVP (260). You do this by setting the rfc6733compliant option under the applicable home-subscriber-server. RFC 6733 compliance consists of several behaviors, including limiting the number of Vendor-Ids present in the CER and LIR diameter messages to one. By default, the system aligns with RFC 3588 and sends out both Vendor-IDs in the diameter messages.

See the Compliance for the Vendor-Specific-Application-Id section in the IMS chapter of the ACLI Configuration Guide for detailed information about this feature.

Oracle Communications Session Router Platform Support

The Acme Packet 4900 supports the Oracle Communications Session Router. This support begins with S-Cz9.3.0p2.

ESXI Version Support

The SBC supports operation with ESXI version 8. This support begins with S-Cz9.3.0p2.

See the Supported Private Virtual Infrastructures and Public Clouds section in the Introduction chapter of these Release Notes for confirmation of this feature.

MAN 2.0 Compliance

You can configure the SBC to include compliance behaviors for the Number Authentication Mechanism 2.0 operations standards, referred to as MAN 2.0, by enabling the man-compliance option in the sti-config. This set of behaviors targets telecommunications SPAM traffic to reduce the impact and cost of this traffic on Service Providers and their customers.

This support is limited to a subset of the Number Authentication Mechanism 2.0 standard, implementing the following non-default behaviors:

• STI-VS Trigger Processing Behavior Changes
• Provide support for multiple scenarios in call rejection based on STI-VS response
• Provide enhanced CDR support with parameters used in STI-AS/VS Requests

This support begins with S-Cz9.3.0p2.

See the Number Authentication Mechanism Standards Compliance Features section in the STIR/SHAKEN chapter of the ACLI Configuration Guide for detailed information about this feature.

TACACS ARG Mode

When sending the Authorization query to the TACACS+ server, by default the SBC sends everything typed at the ACLI in the cmd parameter. For commands, this includes the command plus all of its arguments (for example, cmd=show interfaces brief). For configurations, this includes the full path of the configuration element plus its attributes and values (for example, cmd=configure terminal security authentication type tacacs). In the TACACS+ query, the cmd-arg parameter is set to <cr>.

This support begins with S-Cz9.3.0p2.

See the Supported Private Virtual Infrastructures and Public Clouds section in the Introduction chapter of the ACLI Configuration Guide for detailed information about this feature.

Bypassing Early Media Gating

You can configure the SBC to bypass gating and forward early media to untrusted domains. This feature resolves early media problems for situations including PEM gating when an UPDATE goes from the trusted side towards the untrusted side and the system prevents an early media announcement to play through the subsequent 18x. In this case, the default SBC behavior would be to gate the early media. To configure this feature, you enable the pass-pem-in-update option on the ingress sip-interface.

This support begins with S-Cz9.3.0p3.

See the Bypassing Early Media Gating section in the SIP Signaling chapter of the ACLI Configuration Guide for detailed information about this feature.

Concurrent Session License Usage

This feature allows the SBC to track the maximum values of it's licensed session usage over time. Specific 'high water marks' that the system stores includes total sessions, SRTP sessions, and transcoding Sessions on a rolling 365-day period with timestamps for auditing purposes. This can inform the customer and Oracle if and when it has exceeded its licensed session usage over specific windows for up to one year. You configure this feature by setting the peak-concurrent-license parameter within the system-config.

This support begins with S-Cz9.3.0p3.

See the Concurrent Session License Usage section in the Getting Started chapter of the ACLI Configuration Guide for detailed information about this feature.

Account Servers over IPv6

You can configure the SBC to use IPv6 over the RF interface in addition to IPv4 to support Diameter Accounting Servers. This allows you to support ACR exchanges between the system and CRF servers using IPv6. In addition, you can configure your account-server elements to perform A and AAAA DNS lookups for servers using IPv4 or IPv6 addressing.

This support begins with S-Cz9.3.0p4.

See the Diameter Accounting chapter of the Accounting Guide and the ACLI Reference Guide for information confirming this feature.

AVP for the TO Header

You can configure the SBC to support the Acme-SipHdr-TO AVP. This AVP conveys the value of TO headers in Rf deployments. The system uses this AVP to populate the string in the sipHdrTO from SIP methods into ACRs and CDRs. Enabling this feature causes the system record the SIP TO header in ACRs for all endpoints.

This support begins with S-Cz9.3.0p4.

See the Including the To Header in ACRs and CDRs section in the Getting Started chapter of this Accounting Guide for detailed information about this feature.

Configurations for non-Standard PT Cases

This feature adds Support for two configuration options you can use to support rare call flow issues associated with payload types. The first scenario includes non-transcoded call flow wherein a UAC presents an unexpected payload type (PT) within the context of a re-INVITE. This flow requires additional logic for the SBC to handle the re-INVITE. The second scenario includes the SBC handling payload types within the context of matching a codec-policy with traffic even though the sub-names are not the same. Both of these scenarios become supported when you enable their respective configuration options.

This support begins with S-Cz9.3.0p4.

See the Configurations for non-Standard PT Cases section in the Transcoding chapter of the ACLI Configuration Guide for detailed information about this feature.

Certificate Bundles with the REST API

See the REST API documentation for details.

Central Certificate Authority Management

The SBC allows you to create trusted root Certificate Authority (CA) lists that serve as global sets of certificates for multiple TLS profiles to reference. These lists consist of certificate-record names representing respective CA certificates on the SBC and can simplify certificate management by allowing you to manage these individual trusted root CA stores instead of multiple tls-profile elements. When you create a new certificate record, import a root CA, or when a root CA linked to a certificate record expires or is compromised, you only need to update the applicable global trusted CA list instead of manually updating every applicable TLS profile.

This support begins with S-Cz9.3.0p5.

See the Central Certificate Authority Management section in the Security chapter of the ACLI Configuration Guide for detailed information about this feature.

New PLMN-ID Insertion Cases

In addition to REGISTRATION scenarios, the SBC can use the latest PVNI header with the latest PLMN information in the INVITE/REINVITE/MESSAGE sip request’s 200 OK response towards the core. This occurs after S8HR inter-PLMN handover. These scenarios include those that generate a 200 OK toward the core during SIP MO INVITE signaling.

See the VPLMN-ID Management Support topic in the IMS Support chapter of the ACLI Configuration Guide for detailed information about this feature.

Managing IOI for Peering Endpoints

You can configure the SBC to manage P-Charging-Vector (PCV) headers and populate standard AVPs and CDRs with Originating and Terminating IOIs for peering deployments. This is separate from IOI management within access and P-CSCF applications. Configurations that apply to this feature include the ioi-for-unregistered option in the applicable account-config, and the charging-vector-mode settings on the applicable sip-interface elements.

See the Managing IOI for Peering Endpoints topic in the Diameter Accounting chapter of the Accounting Guide for detailed information about this feature.