Routing Sbc; Configuring Classification Rules - AudioCodes Mediant 3000 User Manual
Enterprise session border controller / voip digital media gateway
Hide thumbs
Also See for Mediant 3000:
- User manual (1070 pages) ,
- Installation manual (90 pages) ,
- Hardware installation manual (88 pages)
Table of Contents
Advertisement
29.4
Routing SBC
This section describes the configuration of the routing entities for the SBC application.
These include the following:
Classification rules - see 'Configuring the Classification Rules' on page
Condition rules - see 'Configuring Condition Rules' on page
IP-to-IP routing rules - see 'Configuring SBC IP-to-IP Routing' on page
Alternative routing reasons - see 'Configuring Alternative Routing Reasons' on page
453
29.4.1 Configuring Classification Rules
The Classification table enables you to configure up to 100 Classification rules.
Classification rules are used to classify incoming SIP dialog-initiating requests (e.g.,
INVITE messages) to source IP Groups from where the SIP dialog request originated. The
identified IP Group is later used in the manipulation and routing processes.
Classification rules also enhance security by allowing you to create a SIP access list,
whereby classified calls can be denied (i.e., blacklist) or allowed (i.e., whitelist).
The Classification table is used to classify incoming SIP dialog requests only if the other
classification stages fail, as described below:
1.
Classification Stage 1 - Registered Users Database: The device searches its
registration database to check if the incoming SIP dialog arrived from a registered
user:
•
Compares the SIP Contact header of the received SIP dialog to the Contact of
the registered user.
•
Compares the URL in the SIP P-Asserted-Identity/From header to the registered
address-of-record (AOR).
If this stage fails, the device proceeds to classification based on Proxy Set.
2.
Classification Stage 2 - Proxy Set: If the database search fails, the device performs
classification based on Proxy Set if the 'Classify By Proxy Set' parameter is enabled
for the IP Group (see 'Configuring IP Groups' on page 230). If enabled, the device
checks whether the INVITE's IP address (if host names, then according to the
dynamically resolved IP address list) is defined for a Proxy Set ID (in the Proxy Set
table). If a Proxy Set ID has such an IP address, the device classifies the INVITE to
the IP Group that is associated with this Proxy Set. (The Proxy Set ID is assigned to
the IP Group using the IP Group table's 'Proxy Set ID' parameter.)
Note:
If this stage fails (or Classify by Proxy Set is disabled), the device proceeds to
classification based on the Classification table.
3.
Classification Stage 3 - Classification Table: If classification based on Proxy Set
fails (or disabled), the device uses the Classification table to classify the SIP dialog to
an IP Group. If it locates a classification rule whose characteristics (such as source IP
address) match the incoming SIP dialog, then the SIP dialog is assigned to the
associated IP Group. In addition, if the classification rule is defined as a whitelist, the
SIP dialog is allowed and proceeds with the manipulation, routing and other SBC
User's Manual
For security purposes, it is highly recommended to disable the Classify by
Proxy Set feature so that the device can use the Classification table instead,
for "strict" classification of incoming calls to IP Groups. In addition, in cases
where multiple IP Groups are associated with the same Proxy Set ID, do not
use the Classify by Proxy Set feature.
440
Mediant 3000
440
445
446
Document #: LTRT-89729
Advertisement
Table of Contents
Troubleshooting
