AudioCodes Mediant 800B MSBR User Manual page 319
Multi-service business router; session border controller
Hide thumbs
Also See for Mediant 800B MSBR:
- User manual (1338 pages) ,
- Installation and maintenance manual (104 pages) ,
- Hardware installation manual (56 pages)
Table of Contents
Advertisement
User's Manual
Parameter
Web: Symmetric MKI
CLI: enable-symmetric-mki
[IpProfile_EnableSymmetricMKI]
Web: MKI Size
CLI: mki-size
[IpProfile_MKISize]
Web: Reset SRTP Upon Re-key
Version 6.8
the first SDP "m=" field.
The corresponding global parameter is
MediaIPVersionPreference.
Enables symmetric MKI negotiation.
[0] Disable = (Default) The device includes the MKI in
its SIP 200 OK response according to the
SRTPTxPacketMKISize parameter (if set to 0, it is not
included; if set to any other value, it is included with
this value).
[1] Enable = The answer crypto line contains (or
excludes) an MKI value according to the selected
crypto line in the offer. For example, assume that the
device receives an INVITE containing the following two
crypto lines in SDP:
a=crypto:2 AES_CM_128_HMAC_SHA1_80
inline:TAaxNnQt8/qLQMnDuG4vxYfWl6K7eBK/uf
k04pR4|2^31|1:1
a=crypto:3 AES_CM_128_HMAC_SHA1_80
inline:bnuYZnMxSfUiGitviWJZmzr7OF3AiRO0l5
Vnh0kH|2^31
The first crypto line includes the MKI parameter "1:1".
In the 200 OK response, the device selects one of the
crypto lines (i.e., '2' or '3'). Typically, it selects the first
line that supports the crypto suite. However, for SRTP-
to-SRTP in SBC sessions, it can be determined by the
remote side on the outgoing leg. If the device selects
crypto line '2', it includes the MKI parameter in its
answer SDP, for example:
a=crypto:2 AES_CM_128_HMAC_SHA1_80
inline:R1VyA1xV/qwBjkEklu4kSJyl3wCtYeZLq1
/QFuxw|2^31|1:1
If the device selects a crypto line that does not contain
the MKI parameter, then the MKI parameter is not
included in the crypto line in the SDP answer (even if
the SRTPTxPacketMKISize parameter is set to any
value other than 0).
Note: The corresponding global parameter is
EnableSymmetricMKI.
Defines the size (in bytes) of the Master Key Identifier
(MKI) in SRTP Tx packets.
The valid value is 0 to 4. The default is 0 (i.e., new keys
are generated without MKI).
Notes:
Gateway application: The device only initiates the MKI
size.
SBC application: The device can forward MKI size as is
for SRTP-to-SRTP flows or override the MKI size
during negotiation. This can be done on the inbound or
outbound leg.
The corresponding global parameter is
SRTPTxPacketMKISize.
Enables synchronization of the SRTP state between the
319
23. Coders and Profiles
Description
Mediant 800B MSBR
Advertisement
Chapters
Table of Contents
Troubleshooting
