ELTEX SBC-1000 User Manual Download Page 90 | Manualshive

Page: 90 / 211

ELTEX SBC-1000 User Manual Download Page 90

90

SBC session border controllers

4.1.8.3

Dynamic firewall

Dynamic firewall

— a utility that tracks attempts of access to various services. When constantly repeated

unsuccessful access attempts from the same IP address/host are discovered, the dynamic firewall blocks all further
access attempts from this IP address/host.

The following actions may be identified as an unsuccessful access attempt:

–

bruteforcing web interface or SSH authentication data, i.e. attempts to log in to the management interface
using a wrong login or password;

–

authentication data matching — accepting REGISTER requests from a known IP address, but with incorrect
authentication data;

–

receiving requests (REGISTER, INIVITE, SUBSCRIBE, etc.) from an unknown IP address;

–

accepting unknown requests via a SIP port;

–

the call falls under a rule with reject policy.

Security –> Dynamic firewall

Dynamic firewall parameters



Enable

— enable a firewall;

The following parameters can be configured separately for different services. All these parameters can be

reset to default values using the «Default» button.



Block time, sec

— time in seconds during which access from the suspicious address will be blocked;



Forgive time, sec

— time after which the address from which a suspicious request came will be forgotten if

it has never been blocked;



Access attempts before blocking

— the maximum number of unsuccessful attempts to access the service

before the host is blocked;



Block attempts before black-listing

— the number of blockages after which a problem address will be

forcibly blacklisted;



Progressive block

— when this flag is set, each subsequent address block will be twice as large as the

previous one, twice as few access attempts will be used to block the address. For example, the first time
the address was blocked for 30 seconds after 16 attempts, the second time – for 60 seconds after 8
attempts, the third time – for 120 seconds after 4 attempts and so on;



Don't blacklist blocked addresses

— when set, SBC does not send blocked addresses to the blacklist, the

«Progressive Block» option is ignored.

«
...
88
89
90
91
92
...
»

Summary of Contents for SBC-1000

Page 1: ...www eltex co com Session border controllers SBC 1000 SBC 2000 SBC 3000 User Manual Firmware Version 1 10 0 ...

Page 2: ...ort but make a call specifying one Version 1 7 29 10 2018 Documentation updated Version 1 6 08 09 2017 Changed the fail2ban section renamed Dynamic firewall the firewall profiles section renamed Static firewall blocking rules in a dynamic firewall are separated for different ser vices the MTR section renamed TRACEROUTE Added SIP header manipulation management of call statistics counters RTP source...

Page 3: ...he con figuration optioning of the SIP header format Version 1 2 21 01 2016 Added an alarm about full external storage devices different modes for creating CDR files the use of directories for CDR files single RTP port range Version 1 1 12 08 2015 Added a safety timeout to reject calls without media streams switching through monitoring the number of calls maximum current and minimum val ues on the...

Page 4: ...ntended for technical personnel that performs device installation configuration monitoring and maintenance using a web configurator Qualified technical personnel should be familiar with the operation basics of ТСР IP UDP IP protocol stacks and Ethernet networks design concepts ...

Page 5: ...word recovery 21 WEB password recovery 21 2 9 Delivery Package 22 2 10 Safety instructions 23 General guidelines 23 Electrical Safety Requirements 23 Electrostatic discharge safety measures 23 Power supply requirements 23 2 11 SBC installation 24 Startup procedure 25 Support brackets mounting 25 Device rack installation 26 Power module installation 26 Removing the housing 27 Installation of ventil...

Page 6: ...cture 146 SBC 2000 switch interface management commands 147 Aggregation group configuration commands 153 VLAN interface management commands 155 STP RSTP configuartion commands 155 MAC table configuration commands 158 Port mirroring configuration commands 159 SELECTIVE Q IN Q feature configuration commands 162 DUAL HOMING protocol configuration 164 LLDP configuration 166 QoS configuration 172 Confi...

Page 7: ...ted via NAT Network Address Translation collecting statistics on the calls served through SBC 2 DEVICE DESCRIPTION 2 1 Purpose Eltex SBC is a component of the ECSS 10 hardware and software complex which participates in the call service process as a session border controller The device provides normalization of the signal protocol implementations the set SLA level of quality protection of the carri...

Page 8: ...figuration and setup also remotely Web interface CLI3 Telnet console RS 232 remote monitoring web interface CLI SNMP SIP SIP T SIP I functionality SIP L5 NAT Topology hiding SIP dialogue transparency SIP transit of unrecognized headers B2BUA as defined in RFC 3261 RFC 2833 Telephone Event RFC 3264 Offer Answer RFC 3204 MIME Support RFC 4028 Session Timers RFC 3326 Reason Field RFC 3262 PRACK RFC 3...

Page 9: ...Application Diagrams This manual proposes several network layouts using SBC Interaction between operators Figure 1 Use case Interaction between operators Interaction between operator and corporate client Figure 2 Use case Operator corporate client ...

Page 10: ...ions VoIP protocols Supported protocols SIP Т SIP I SIP T 38 Supported codecs Audio codecs G 711 a law G 711A in text G 711 μ law G 711U in text G 729 A B G 723 1 6 3 Kbps 5 3 Kbps G 726 32 Kbps Video codecs H 263 H 263 1998 H 264 Electrical Ethernet interface specifications No of interfaces SBC 1000 SBC 2000 SBC 3000 3 4 4 Electric port RJ 45 Data rate Mbps Autodetection 10 100 1000Mbps duplex St...

Page 11: ...cording to ITU T V 28 guidelines Other interfaces Interface Quantity USB 1 for SBC 1000 2000 2 for SBC 3000 e SATA 2 General parameters Operating temperature range From 0 to 40 C Relative humidity Up to 80 Power options single AC or DC power supply two AC or DC power supplies Power supply AC DC Power supply voltage 220V 20 50 Hz 48V 30 20 PM designation PM160 220 12 PM100 48 12 PM rated power 160 ...

Page 12: ...l elements Description 1 USB USB port for external storage device connection 2 F Function button 3 Console RS 232 console port for local control of the device 4 10 100 1000 0 2 3 x RJ 45 ports of Ethernet 10 100 1000 Base T interfaces 5 SFP 0 SFP 1 2 chassis for 1000Base X Gigabit uplink interface optical SFP modules used for IP network connection 6 E1 Line 0 7 E1 Line 8 15 2 x CENC 36M connectors...

Page 13: ...e front panel of device is shown in Figure 6 Figure 6 The front panel of SBC 2000 based on SMG 2016 Connectors LEDs and controls located on the front panel of the device are listed in Table 4 Table 4 Description of connectors LEDs and controls located on the front panel Front panel elements Description 1 SATA disk ports Cradle connectors for SATA drive installation 2 F Function button 3 Console Co...

Page 14: ...tor1 Power Device power indicator RPS Device aux power indicator FAN Fan operation indicator USB USB operation indicator The rear panel of the device is shown in Figure 7 Figure 7 The rear panel of SBC 2000 based on SMG 2016 The Table below lists rear panel connectors of the device Table 5 Description of rear panel connectors of the switch Rear panel element Description 1 Power modules Modules wit...

Page 15: ...witch with other SMG ports 4 F Function button 5 USB USB ports for external storage devices connection 6 1 2 2 x 10 100 1000BASE T Gigabit uplink interface RJ 45 connectors used for IP network connection 7 3 4 2 chassis for 1000BASE X uplink interface SFP modules used for IP network connection 2 x 10 100 1000BASE T Gigabit uplink interface RJ 45 connectors used for IP network connection 8 E1 Line ...

Page 16: ...t of the device 2 5 LED Indication LED indicators located on the front panel represent the current state of the device Device light indication in operation 2 5 1 1 SBC 1000 Light indication of the device in operation is shown in Table 8 Table 8 Light indication of the device operational status Indicator Indicator State Device Status Info1 off SFP0 link lost solid green SFP0 link in operation Info2...

Page 17: ...e or both removable fan modules are not installed USB solid green USB flash is installed off USB flash is not installed 2 5 1 3 SBC 3000 Light indication of the device in operation is shown in Table 10 Table 10 Light indication of the device in operation Indicator Indicator State Device Status Alarm Flashes red Critical device failure Solid red Non critical device failure Solid yellow No failures ...

Page 18: ...lowing pattern appears The device will be rebooted in 3 seconds 2 green red yellow red Reset to factory defaults has been initiated This LED pattern will appear only when the device boot begins 3 yellow yellow yellow yellow At this step LED functionality check will be performed all LEDs including SATA 0 and SATA 1 will light up yellow 4 off off green green At this step the gateway operating system...

Page 19: ...so possible to reset to factory settings on the device being switched on In this case skip the 1st step 2 5 3 3 SBC 3000 Light indication when resetting SBC 3000 to factory settings is the same as for SBC 2000 see section 2 5 3 2 Light indication of alarms Table 14 contains detailed description of alarms represented by the status of the Alarm LED Indication of CDR files saving If the FTP server is...

Page 20: ...a Telnet SSH or console with login admin password rootpasswd via web interface with login admin password rootpasswd Next you may save the factory configuration restore password or reboot the device 2 7 Saving factory configuration To save the factory configuration reset the device to factory settings Section 2 5 3 connect via telnet or console with login admin password rootpasswd Enter the sh comm...

Page 21: ... will be restored on the device without password recovery The gateway will be restarted with the current configuration and an old password Welcome to SBC 1000 smg login admin Password rootpasswd Welcome to SBC 1000 Welcome It is Fri Jul 2 12 57 56 UTC 2010 SBC sh home admin restore New image 1 Restored successful home admin passwd admin Changing password for admin New password 1q2w3e4r5t6y Retype ...

Page 22: ...he device without password recovery The gateway will be restarted with the current configuration and an old password Welcome to SBC 1000 smg login admin Password rootpasswd Welcome to SBC 1000 Welcome It is Fri Jul 2 12 57 56 UTC 2010 SBC sh home admin restore New image 1 Restored successful This step is used to change the password from the WEB home admin save tar removing leading from member name...

Page 23: ...with an earth bonding point The earthing wire should be securely connected to the earth bonding point The resistance between the protective earth terminal and the earth bus must not exceed 0 1 Ohms PC and measurement instruments should be grounded prior to connection to the device The potential difference between the equipment case and the cases of the instruments must not exceed 1 V Prior to turn...

Page 24: ...4 5 AC power supply requirements AC power supply parameters should be as follows Maximum allowed voltage 220 V Power supply should feature residual current device RCD Insulation strength of AC power supply circuits against the housing should withstand at least 1000 V peak in normal conditions 2 11 SBC installation Check the device for visible mechanical damage before installing and turning it on I...

Page 25: ...ged and securely connected 5 Turn the device on and check the front panel LEDs to make sure the terminal is in normal operating con ditions Support brackets mounting The delivery package includes support brackets for rack installation and mounting screws to fix the device case on the brackets Figure 10 Mounting brackets for SBC 1000 left and SBC 2000 right Figure 11 Mounting brackets for SBC 3000 ...

Page 26: ... rack Figure 12 Rack mounting of SBC 1000 left and SBC 2000 right Figure 13 Rack mounting of SBC 3000 Power module installation Device can operate with one or two power modules The second power module installation is necessary when the device operates under strict reliability requirements From the electric point of view both places for power module installation are identical In the context of devi...

Page 27: ...ists in the manufacturer s service center The installation of the power modules is shown in the Figure below Figure 14 Power module installation Removing the housing First disconnect the device from the power supply disconnect all the cables and remove the device from the rack if necessary see Section 2 11 3 Device rack installation Figure 15 Case opening procedure of SBC 1000 based on SMG 1016M ...

Page 28: ...sed on SMG 2016 Figure 17 Case opening procedure of SBC 3000 based on SMG 3016 1 Use a screwdriver to remove support brackets from the device housing 2 For SBC 1000 only the front panel retaining screws must be unscrewed then pulled to separate from the top and side panels Figure 15 ...

Page 29: ...ing the device into case 1 Support brackets mounting for rack installation 2 Housing parts mounting 3 Board ventilation unit covers guides mounting 4 Fan mounting screw 5 Earthing screw During the device assembly avoid using inappropriate screw type for the operations specified Changing screw type may cause the device failure Figure 19 Assembly into housing During SBC assembly fit the manufacturer...

Page 30: ...se mounting Figure 21 Ventilation unit in SBC 2000 based on SMG 2016 Case mounting Figure 22 Ventilation unit in SBC 3000 based on SMG 3016 Case mounting To remove a ventilation unit perform the following actions 1 Use a screwdriver to remove the screws fixing the ventilation unit to the rear panel 2 Carefully pull the unit until it is removed from the case 3 Disconnect the unit from the device so...

Page 31: ...1 Connect the unit to the socket 2 Insert the unit into the case 3 Screw the ventilation unit to the rear panel SSD installation for SBC 1000 Figure 24 SSD installation procedure Figure 25 SSD mounting procedure 1 Check if the device is supplied with power 2 If yes disconnect the power supply 3 Remove the device from the rack if necessary see Section 2 11 3 ...

Page 32: ... may be additionally included in the device delivery package A drive slot is designed to accomodate 2 5 for factor drives up to 12 5 mm thick Installation of SATA drives 1 Remove the cradle from the device housing Figure 6 Element 1 To do this press the button on the right until the ejector knob is released pull the knob to remove the cradle from the housing 2 Remove the mounting kit located under...

Page 33: ...ent time date day of the week etc located on the device board features a battery which specifications are listed in the Table below Battery type Lithium Form factor CR2032 CR2024 installation is possible Voltage 3V Capacity 225mAh Diameter 20 mm Thickness 3 2mm Shelf life expiration date 5 years Storage conditions from 20 to 35 С Figure 29 RTC battery position for SBC 1000 based on SMG 1016M ...

Page 34: ...e is supplied with power 2 If yes disconnect the power supply 3 Remove the device from the rack if necessary see Section 2 11 3 4 Open the casing of the device more information in Section 2 11 5 5 Remove the used battery Figure 29 Figure 30 and Figure 31 and install a new one into the same position For the device assembly repeat all mentioned steps in the reverse order If NTP synchronization is di...

Page 35: ...ed DNS and NTP servers on the network It is better to place the equipment behind a firewall with ingress filtering configured on it 3 1 Ensuring call security SBC has several mechanisms for call security A built in firewall that provides the following functions more details in section 4 1 8 5 Static firewall Filtering by IP address port and protocol Filtering of users by geographical area GeoIP Fi...

Page 36: ...4 1 SBC configuration via web configurator To configure the device establish connection using a web browser hypertext viewer e g Google Firefox Internet Explorer etc Enter the device IP address in the browser address bar SBC factory default IP address 192 168 1 2 network mask 255 255 255 0 After entering IP address the device will request username and password You can also select an interface lang...

Page 37: ...sted menus Settings field based on user s choice Allows viewing device settings and enter configuration data Control panel panel for controlling the settings field and device firmware status Management menu drop down menus for the settings field and device firmware status management Alarms displays the current highest priority alarm and serves as a link for the fault events log operations Authoriz...

Page 38: ...rol panel Add an object Edit object Delete an object View object Management buttons controls for working with settings the field To prevent unauthorized access to device in the future it is recommended to change password see Section 4 1 8 1 The button Tooltip next to an edit item provides an explanation of the parameter System settings This section is used to configure system parameters and reques...

Page 39: ... 1 Unit ok or absent 3 24 09 13 20 03 31 state OK MSP module lost 1 4 24 09 13 20 03 34 state OK MSP module lost 2 5 24 09 13 20 03 38 state OK MSP module lost 3 6 24 09 13 20 03 42 state OK MSP module lost 4 File format description 0 1 2 event ordinal number 24 09 13 event occurrence date 20 03 22 event occurrence time ALARM OK event current state OK alarm is resolved ALARM alarm is active Table ...

Page 40: ...system Restricting SUBSCRIBE request processing when the flag is set alarms on exceeding the maximum num ber of simultaneous SUBSCRIBE requests set under SBC requests processing restrictions will be sent to the control system Restricting other request processing when the flag is set alarms on exceeding the maximum number of simultaneous requests other than INVITE and SUBSCRIBE will be sent to the ...

Page 41: ...y within this time range Example of firmware description file 1 8 0 99 smg2016_firmware_sbc_1 8 0 99 bin 1 8 0 100 smg2016_firmware_sbc_1 8 0 100 bin 9 13 Enable autoupdate enable automatic configuration and firmware updates Source selecting a source of information about the server Static server information is entered in the appropriate field and stored on SBC DHCP interface name server informatio...

Page 42: ... to which the upload will be made Port the server port to which the upload will be made Path to file the directory on the server where the configuration will be saved Username the name for authentication when using the FTP protocol Password the password for authentication when using the FTP protocol Monitoring 4 1 2 1 Telemetry This section contains information on the device telemetric sensor read...

Page 43: ...nsor 1 2 V information on the status of the 1 2 V voltage sensor 1 0 V information on the status of the 1 V voltage sensor CPU information on the supply voltage status of the CPU CPU Vcore information on the supply voltage status of the CPU core RTC battery real time clock battery voltage status details CPU load USR the percentage of CPU time used by user programs SYS the percentage of CPU time us...

Page 44: ...ontains status indication and optical line parameters Monitoring SFP modules SFP port 0 status SFP port 1 status optical module status miniGBIC presence module installation indication module installed module not in stalled Signal status indication of signal loss signal lost in operation Temperature C optical module temperature Voltage V optical module power supply voltage V TX bias current mA bias...

Page 45: ... of transmitted packets 4 1 2 5 Alarm events list When an alarm occurs information about it is displayed in the header of the Web Configurator If there are several active alarms the web configurator header will display the most critical one at the time When there are no alarms the message No alarms will be shown In the Alarm events list menu the list of alarm events ranked by date and time is disp...

Page 46: ...the reserve device either completely or on one of the links In the second case the parameters will indicate on which link the connection is lost Change of state in the reserve group Renegotiation of the devices in the reserve State fault state status critical alarm flashing red LED fault requires immediate intervention of the service per sonnel affects device operation and provisioning of communic...

Page 47: ...cribers list This submenu displays subscribers registered via SBC 2000 In the field Rows in the table to show the number of entries to be displayed on the page is specified The table on the right contains the current page number and the total number of pages To navigate between pages the arrows under the table are used A single arrow is for moving to the next previous page a double one is to displ...

Page 48: ...ss and a port of a device that approved a subscriber s registration This is usually a Softswitch address and port SIP User the name of the SIP User via which the subscriber has registered SIP Destination the name of the SIP Destination to which the subscriber registration request has gone and from where it has been approved Below the table there are the following buttons Delete allows removing a s...

Page 49: ...field values for subscriber B The right table contains details of the call To display it left click on the corresponding entry in the left table Information on active sessions table on the right Reload extended session info clicking the Update button updates the current status of the session in the monitor Field the headers of the main fields e g From and To which are transmitted during the call U...

Page 50: ... is updated every three seconds Monitoring Reservation 4 1 2 10 Reservation Monitoring Reservation Model device model Serial number device serial number MAC address device MAC address State master the device is a master slave the device is a slave Link local the device is available via a local link global the device is available via a global link Open Web open the web interface of the slave device...

Page 51: ...he following information Total calls duration the total time of all calls that have passed through the selected item Incoming call legs the total and current number of incoming calls Outcoming call legs the total and current number of outcoming calls Message received how many SIP messages were received by the item all dialogue messages both requests and replies are counted Message send how many SI...

Page 52: ...linked to the interface and IP address of the call source Then a corresponding set of rules is checked according to the destination setting If the signalling matches any of the rules in the set where the action send to destination or send to trunk is specified the call is passed to the destination specified in the rule The destination selected as outgoing indicates the transport through which the ...

Page 53: ... SIP Transport This submenu allows editing the list of transport that will serve as entry points into the tunnels Up to 256 transports can be created To create edit or remove interfaces use Objects Add an object Objects Edit an object and Objects Remove an object and the following buttons Add Edit Delete SBC Configuration SIP Transport SBC Configuration SIP Destination Add or Edit Transport parame...

Page 54: ... Edit Delete SBC Configuration SIP Destination SBC Configuration SIP Destination Add or Delete Destination parameters Name an arbitrary name for identification convenient for the operator SIP transport transport to be used to receive calls to and from the destination Remote Address the address of the remote node which is associated with this destination Calls to the destination from an IP address ...

Page 55: ...C ignores the origin sequence inconsistencies in SDP MTA M 200 when using this adaptation SBC does not check the port specified in the Request URI when incoming calls are received Preserve Contact header value when using this option SBC does not substitute the contact field in requests sent to the second leg Preserve domain from the FROM and TO headers When using this option SBC will drop the doma...

Page 56: ...l request will be sent to the SIP server if the previous OPTIONS request was con firmed Keep alive timeout for dead server sec after previous OPTIONS transaction finished the time interval after which an OPTIONS control request will be sent to the SIP server if the previous OPTIONS request was not con firmed Input max CPS value the number of calls per second that can be received by SIP Destination...

Page 57: ...te all requests from the interacting server The setting in the Remote Address field does not apply the address obtained in the contact during registration is used If there is no registration the destination will be considered unavailable and no calls will be sent from it but they will always be received Expires s update period for registration on the server used for UAC registration type Username ...

Page 58: ...state Dest1 192 0 2 1 5060 disabled Dest2 192 0 2 1 5061 disabled Dest3 192 0 2 1 5062 enabled Requests from 192 0 2 1 5060 192 0 2 1 5062 will be handled by destination Dest1 Dest3 ac cording to their addresses since they match exactly what is configured in the remote address The request from 192 0 2 1 5090 will get to Dest3 because the request does not fit any remote address setting but Dest3 ig...

Page 59: ...bject Test call Pass the header group from the first leg unchanged Additional headers on the first leg P Asserted Identity sip username domain P Called Party ID sip username domain Privacy id Subject Test call sipheader P transit Note that the following rule sipheader transit will not work as the character can only replace part of the name The specified headers appear on the second leg P Asserted ...

Page 60: ...UP Complex modification example From sip who host tag aBc sipheader from DISPLAY who 12345 user phone line abc From DISPLAY sip 12345 host user phone tag aBc line abc Example sipheader Accept disable sipheader user agent disable In this example all SIP messages sent via this SIP interface will not have the fieldsAccept and user agent List of mandatory SIP message fields that cannot be modified via...

Page 61: ...P under 1300 bytes via UDP UDP only use only UDP protocol TCP only use only ТСP protocol SIP header format defines the format for SIP headers transmission full use a normal long header format compact use a short header format RADIUS profile RADIUS profile for incoming calls authentication and authorization more information in section 4 1 9 Preserve Contact header value when using this option SBC d...

Page 62: ...ejected Requested Session Expires value RFC 4028 s when checked SIP session timers are supported RFC 4028 Session update is supported by transmitting re INVITE requests during the session This parameter defines the time period in seconds after which a session will be forcibly terminated if the session is not updated in time from 90 to 64800 s the recommended value is 1800 s The RTP RTCP packet wai...

Page 63: ...ethod to a SIP INFO application hook flash request and transmits it to the communicating channel Allow redirection allows 302 responses processing When disabled SBC will end the call when 302 response is received from B When enabled SBC will process 302 responses as follows after receiving a subscriber C contact SBC will try to send the call to him notifying side A that the call has been redirecte...

Page 64: ...g the icon Delete in the selected row The green arrows below the list allow moving the highlighted entries in the table adjusting the order priority of the destinations created 4 1 3 5 Rule set In this section the rules for switching calls via SBC are configured Up to 512 rule sets can be created in total in which up to 1000 rules can be distributed The limit on the number of rules is common to th...

Page 65: ...val during which the rule will be enabled Outside this interval the rule will not work The setting format is a time range written as HH MM HH MM Conditions The Conditions section is used to set the conditions for determining whether a message falls under the rule or not The left column contains a list of conditions and the right column contains their values The rule must contain at least one condi...

Page 66: ...has been escaped see paragraph 11 for details 2 Digit sequence enclosed in square brackets corresponds to any of the characters enclosed in brackets Example 01459 corresponds to one of the digits 0 1 4 5 or 9 3 A range of characters can be specified in square brackets separated by a dash Example 4 9 corresponds to one of the numbers from 4 to 9 Example a d4 97 a combination of the previous options...

Page 67: ...ight and then contains 10 digits Example 4 0 4 5 3 4 a string that starts with 40 41 42 43 44 53 or 54 11 To match special characters used in a regular expression escape them with a backslash Example 7 a string that starts with 7 4 1 3 6 RTP ports range In this section you may configure UDP port range for voice RTP packets transmission It is possible to specify from 1 to 32000 ports SBC Configurat...

Page 68: ...ailable for configuration Name displayed statistics group name Invisible when checked the group will not be displayed in the statistics view Answer codes list here the SIP codes of responses are entered to account for the selected group of sta tistics Codes between 400 and 699 in numeric form separated by spaces commas tabs or line breaks are allowed 4 1 3 8 CDR settings This section is used to co...

Page 69: ...dically CDR file is created after a specified period of time since the device was booted once per day CDR file is created once a day at a specified time once per hour CDR file is created once an hour at a specified time Saving period Days Hours Minutes period of CDR records formation during this period CDR records are stored in the main memory after that they are saved to the local storage source ...

Page 70: ...to the date of creation of the CDR file the format of the name is cdrYYYYMMDD for example cdr20150818 single directory all CDR records are saved in a single cdr_all directory on the selected drive Keep file for Days Hours Minutes storage period of CDR records on the local disk drive The device has 30MB in RAM for storing CDR records If the volume of received CDRs exceeds the 30MB threshold before ...

Page 71: ...headers when a connection is established in the direction from the caller SRC_VIA IP address from the Contact header of the caller SRC_CONTACT information about the callee callee number KOD_B callee trunk number not implemented in the current version N_TR_GR_B IP address of the callee gateway DST_IP IP address from the Contact header of the callee DST_CONTACT call duration sec T_ECD disconnection ...

Page 72: ...at allows a computer to establish secure connection with a server by creating a special tunnel in a common unsecured network One of VPN forms 4 1 4 1 Routing table In this submenu you may configure static routes A total of up to 255 routes can be configured Static routing allows you to route packets to defined IP networks or IP addresses through the specified gateways Packets sent to IP addresses ...

Page 73: ...to save and reset parameters respectively 4 1 4 2 Network Settings In this submenu you may specify the device name change the network gateway address DNS server address and SSH Telnet access ports Network subsystem Network settings Hostname network name of the device Use gateway from select network interface that the gateway will consider as a primary for the device Primary DNS primary DNS server ...

Page 74: ...r requires a DHCP server in the carrier network IP address device network address Network mask network mask for device Gateway default gateway Gateway by DHCP obtain the gateway address from the DHCP server DNS address by DHCP obtain DNS server IP address dynamically from DHCP server NTP address by DHCP obtain NTP server IP address dynamically from DHCP server Class of service set the traffic prio...

Page 75: ...elect VPN pptp client in the Type field special settings will become available Network label network name Firewall profile show the selected firewall profile for the current interface Type VPN pptp client Enable enable VPN PPP interface PPTPD IP PPTP server IP address Username username login used by the device for the network connection Password VPN connection password Options Ignore default gatew...

Page 76: ...n period min time synchronization request transmission period The Save and Cancel buttons are used to save and discard changes To perform forced time synchronization with the server click Restart NTP client button NTP client will be restarted 4 1 5 2 SNMP SNMP Simple network management protocol It allows the device to send real time messages on occurred failures to controlling SNMP manager In addi...

Page 77: ...in 8 characters or more To apply SNMPv3 user configuration click Add button settings will be applied immediately To remove an entry click Delete button 4 1 5 2 3 SNMP trap configuration For detailed monitoring parameters and Traps description see MIB files on disk shipped with firmware SNMP agent sends SNMPv2 trap message when the following events occur Configuration error subscriber registration ...

Page 78: ...twork services VPN PPTP server VPN PPTP server settings Enabled start the service at startup reboot Server address IP address that will be reported as the server address to all connecting PPTP clients First client address Last client address range of IP addresses assigned to PPTP clients Network interface select the interface to connect to the VPN PPTP server DNS server address of the DNS server w...

Page 79: ...presented in the L2TP packet load Use hidden AVP use of hidden AVPs more details in RFC 2661 Enable Web Enable Telnet Enable SSH the availability of the corresponding management service at the specified address Enable SNMP Enable RADIUS flag to enable the corresponding client at the specified address Server status information is updated by clicking the Update button next to the header 4 1 5 5 VPN ...

Page 80: ...terfaces This function doesn t have to be supported by the switch balance xor packet transmission is allocated among the interfaces merged according to the formula source MAC address XOR destination MAC address number of interfaces A certain interface operates with a specific recipient This mode allows balancing the load and increasing the robustness 802 3ad dynamic port aggregation This mode enab...

Page 81: ...cure for all ports For VLAN operation use Enable VLAN Default VLAN ID and Override settings Also routing rules de scribed in 802 1q routing table in 802 1q tab will apply 4 802 1q Port based VLAN 802 1q mode may be used in combination with Port based VLAN In this case IEEE Mode value should be set to Fallback for all ports mutual availability of data ports should be set to Output with the respecti...

Page 82: ...uting table the incoming port does not have to be a VLAN member in the 802 1q table The frame is transmitted to the outgoing port if this port is the VLAN member in the 802 1q table and is allowed in the output section of the incoming port settings secure frame is received by incoming port if its 802 1q tag is contained in the 802 1q routing table and the incoming port is the VLAN member in the 80...

Page 83: ...performs when transmitting a packet with the specified VID unmodified packets are transmitted with no changes i e in the same form as they were received untagged packets will always be sent without VLAN tag by this port tagged packets will always be sent with VLAN tag by this port not member packets with specified VID are not transmitted by this port i e the port is not a member of this VLAN group...

Page 84: ...p only distribute packets into queues based on 802 1р priority only DSCP 802 1p distribute packets into queues based on IP diffserv and 802 1р priorities if both priorities are present in the packet IP diffserv priority is used for queuing purposes 802 1p DSCP distribute packets into queues based on IP diffserv and 802 1р priorities if both priorities are present in the packet 802 1p priority is u...

Page 85: ...idth restriction for traffic incoming to a queue 3 port You can double the bandwidth prev prio 2 of priority 2 or leave it unchanged same as prev prio Egress packets limit mode when this flag is checked bandwidth limitation for outgoing traffic from the port is allowed Speed limit for egress packets bandwidth limitation for outgoing traffic from the port Permitted values from 70 to 250000kbps Appl...

Page 86: ...es will be restored Default set default settings Save save settings into the device flash memory without applying them Network utilities 4 1 7 1 PING This utility is used for device network connection route presence check Network utilities PING IP Probing used for a single time device network connection control To send an echo request Ping enter host IP address or network name in the IP probing fi...

Page 87: ...t to the required address 4 1 7 2 TRACEROUTE The TRACEROUTE utility performs the route tracing function and ping tests to monitor the network This function allows evaluating the connection quality for the tested node Network utilities TRACEROUTE In the Host name or IP address to test connection quality field enter the IP address of the network device to test the connection quality To use the optio...

Page 88: ...re changed In the section Set the administrator password for web interface a password to access the web interface of the admin user is set In the section Web interface users web interface users are created and their rights are assigned Up to 10 users can be created To create a user click Add In the window on the right select a username a password and confirm the password Then specify user rights a...

Page 89: ...HTTPS is possible only when a generated certificate is present Generate new certificates These parameters should contain Latin characters only Country code country code for Russia RU Region the name of a region province territory republic etc City city name Company name organization name Department the name of the unit or department E mail e mail address Hostname or IP address the IP address of th...

Page 90: ...parameters can be configured separately for different services All these parameters can be reset to default values using the Default button Block time sec time in seconds during which access from the suspicious address will be blocked Forgive time sec time after which the address from which a suspicious request came will be forgotten if it has never been blocked Access attempts before blocking the...

Page 91: ... single IP address and subnet in CIDR notation 192 0 2 0 24 When a subnet is deleted single addresses and subnets included in that subnet will also be deleted To delete addresses you can also select the required addresses using the checkboxes and click the Delete button below the list 4 1 8 4 Blocked addresses list The submenu is used to view the log of addresses blocked by the dynamic firewall In...

Page 92: ... failed Authentication is wrong Incoming call or registration failed to be authenticated Response 403 Request error INVITE failed Unknown original address A call from an unknown destination The call is forwarded to the mgapp where a decision is made whether to allow or reject it Request error INVITE failed RURI not for me Unknown host name or address in RURI Response 404 Request error BYE failed C...

Page 93: ...ces The total number of firewall rules is the same for all profiles and is 1000 rules Security Static firewall Add When a rule is created you should configure the following parameters Name rule name Enable defines whether the rule will be used When unchecked the rule will be inactive Traffic type type of traffic for the rule being created Ingress intended for SBC Egress transmitted by SBC Rule typ...

Page 94: ...ed for TCP and UDP only thus select UDP TCP or TCP UDP in the field in order to make this field active Destination address defines the packet recipient network address either for all addresses or a particular IP address or network any for all addresses checkbox is selected IP address mask for a particular IP address or network Field is active when any checkbox is deselected For a network the mask ...

Page 95: ...so in the firewall profile you may specify network interfaces that these profile rules will be applied to Each network interface may be used only in a single firewall profile at a time If you attempt to assign a network interface to a new profile it will be removed from the previous one To apply the rules click Apply button that will appear when the changes are made into the firewall settings 4 1 ...

Page 96: ...ood defense when activated the SBC will not respond to ICMP type 8 echo and ICMP type 13 timestamp requests Enable Port Scan detection this mode checks for too frequent requests to different ports from the same address Enable prohibited user agents filtering SIP requests by User Agent When you activate this option a list of banned User Agents will appear on the right On this list you can Add a new...

Page 97: ...re worked out section 4 1 3 2 Protection rules for SIP destination are formed automatically By default it is checked that the UDP can only be accessed from a specified remote address and port For TCP and for UDP with the Ignore source port for incoming calls option only the remote address is checked If the Allow redirection option is set the remote address is not controlled you should use a static...

Page 98: ... access through the list of allowed IP addresses section 4 1 8 6 Automatic blocking of unsuccessful requests authorizations Performed by the dynamic firewall section 4 1 3 2 You should enable the dynamic firewall and configure the triggering conditions It is also recommended to whitelist those addresses and subnets to which the automatic blocking rules should not be applied RADIUS configuration Th...

Page 99: ...trictions allow all calls deny all deny all calls User name field select the value of the User Name attribute in the corresponding Access Request RADIUS Authorization package SIP username use the caller phone number username from the from field as the value IP address use the caller IP address as the value SIP interface name use the name of the SIP server through which the incoming occupation is p...

Page 100: ...ng a single or multiple object identifiers and preceding qualifiers Object identifier may be represented by its name or number Object qualifiers 1 type indicates the object type specified by identifier Object type may be represented by the following values host net port If object type is not defined host value will be assumed 2 dir defines the direction towards the object The following values are ...

Page 101: ...tering of all Ethernet broadcasting frames Keyword ether may be omitted ip6 multicast filters packets with IPv6 group addresses For detailed information on packet filtering see specialized resources Start begin data collection Stop finish data collection Restart restart data collection After stopping the packet capture the right side of the file list will allow you to select to download the dump f...

Page 102: ...COMMENDED to use system log without due cause System log should be used only when problems in gateway operation occur and you have to identify the reason To define the necessary debug levels consult a Eltex Service Centre Specialist Traces allows saving the log of device components operation and interaction as well as message exchange via various protocols In tracing parameters you may configure t...

Page 103: ...vice Restart software menu To restart the device completely select Service Restart device menu To perform forced time re synchronization with NTP server select Service Restart NTP client menu To generate and save logs on the device select the Service Save logs to file menu The archive with logs can be found under PCAP traces files and folders in the tracing directory An example of the name of the ...

Page 104: ... in A firmware image field using Browse button and click Upload When the operation is completed restart the device using Service Device restart menu Licenses To update add licenses you should obtain a license file Contact Eltex marketing department by email eltex eltex co ru or phone 7 383 274 48 48 and provide device serial number and MAC address see Section 4 1 17 Next select License upgrade par...

Page 105: ...m info Factory settings Serial number and MAC address are also listed on the label located in the lower part of the device housing To view the detailed system information factory settings SIP adapter version current date and time uptime network settings internal temperature click System info link in the control panel Exit the configurator When you click the Exit link on the panel the following win...

Page 106: ...NTH YEAR HOURS MINS 1 31 1 12 2011 2037 00 23 00 59 Set the local date and time on the device firmware update tftp FILE SERVERIP firmware file name IP address in AAA BBB CCC DDD format Firmware update without gateway restart FILE firmware file name SERVERIP TFTP server IP address firmware update ftp FILE SERVERIP firmware file name IP address in AAA BBB CCC DDD format Firmware update without gatew...

Page 107: ...BC via TFTP tftp put LOCAL_FILE REMOTE_FILE SERVERIP string string IP address in AAA BBB CCC DDD format Upload a file to TFTP The command is used to download traces taken by the tcpdump and pcmdump commands Change device access password Given that you may connect to the gateway remotely via Telnet we recommend changing the password for admin user in order to avoid unauthorized access To do this yo...

Page 108: ...s in json format registration show info REG_INDEX integer Show registration details Registration management Command Parameter Value Action registration del REG_INDEX 0 4095 all Delete subscriber registration registration unblock REG_INDEX 0 4095 Unblock subscriber Operations with SIP statistics 4 2 6 1 Enable disable mode Command Action statistics sip_counters enable Enabling SIP statistics counte...

Page 109: ...e the current configuration into non volatile memory of the the device into start configuration copy startup_to_running Restore the current configuration from the start configuration dos protection Enter the DoS protection configuration mode firewall dynamic Enter the dynamic firewall configuration mode firewall static Enter the static firewall configuration mode global set Invite per 3 sec other ...

Page 110: ...ervers Show the initial RADIUS server configuration sip destination Enter the SIP destination configuration mode sip transport Enter the SIP transport configuration mode sip users Enter the SIP users configuration mode snmp Enter the SNMP configuration mode switch Enter the internal switch configuration mode syslog Enter the syslog parameter configuration mode top Return to level back trunk Enter ...

Page 111: ... 2 7 3 DoS protection configuration mode To enter this mode execute dos protection command in the configuration mode SBC2000 CONFIG dos protection Entering dos protection mode SBC2000 CONFIG DOS PROTECTION Command Parameter Value Action Show the list of available commands exit Return from this configuration submenu to the upper level quit Terminate this CLI session set enable ICMP_flood ENABLE tru...

Page 112: ...nning of the list of blocked addresses blacklist show last COUNT 0 4095 Show the specified number from the end of the list of blocked addresses blacklist show position POSITION 0 65635 Show the entry in the specified position of the list of blocked addresses blacklist subnet BLACKIP subnet in CIDR AAA BBB CCC DDD FF notation Add a subnet to the list of blocked addresses and remove addresses and su...

Page 113: ...increment SERVICE INCREMENT_FLG SIP WEB TELNET SSH OTHER no yes Enable progressive blocking for the service set only block SERVICE ONLY_BLOCK_FLG SIP WEB TELNET SSH OTHER no yes Enable the Do not send blocked addresses to blacklist option for the service show Show dynamic firewall settings whitelist add WHITEIP IP address in AAA BBB CCC DDD format or subnet in CIDR AAA BBB CCC DDD FF notation Add ...

Page 114: ...ENABLE RULE_NAME S_IP S_MASK R_IP R_MASK PROTO S_PORT_START S_PORT_END D_PORT_START D_PORT_END ICMP_TYPE input output enable disable Text 63 characters max AAA BBB CCC DDD AAA BBB CCC DDD AAA BBB CCC DDD AAA BBB CCC DDD any tcp udp icmp tcp udp 1 65535 1 65535 1 65535 1 65535 none any echo reply destination unreachable network unreachable host unreachable protocol unreachable port unreachable frag...

Page 115: ...kets falling under this rule will be rejected by the firewall without informing the party that has sent these packets DROP packets falling under this rule will be rejected by the firewall the party that has sent the packet will receive either TCP RST packet or ICMP destination unreachable Firewall profile number add rule geoip direction ENABLE RULE_NAME COUNTRY PROTO S_PORT_START S_PORT_END D_PORT...

Page 116: ...ng transit ttl zero during reassembly parameter problem ip header bad required option missing timestamp request timestamp reply address mask request address mask reply accept drop reject 1 65535 Action action executed by this rule ACCEPT packets falling under this rule will be accepted by the firewall DROP packets falling under this rule will be rejected by the firewall without informing the party...

Page 117: ...own host unknown network prohibited host prohibited TOS network unreachable TOS host unreachable communication prohibited host precedence violation precedence cutoff source quench redirect network redirect host redirect TOS network redirect TOS host redirect echo request router advertisement router solicitation time exceeded ttl zero during transit ttl zero during reassembly parameter problem ip h...

Page 118: ... del rule ID 1 65535 Remove firewall rule exit Exit from this configuration submenu to the upper level modify profile ID NAME 1 65535 allowed using letters numbers character _ 63 characters max Firewall profile index Enter a new name for the device modify rule TYPE ID param action dport_end dport_start enable icmp type name prof_id proto r_ip r_mask s_ip s_mask sport_end sport_start traffic type 1...

Page 119: ... Terminate this CLI session 4 2 7 7 Network parameters configuration mode To enter this mode execute network command in the configuration mode SBC CONFIG network Entering Network mode SBC CONFIG NETWORK Command Parameter Value Action Show the list of available commands add interface pptpVPNclient LABEL IPADDR USER PASS you may use letters numbers _ characters 255 characters max IP address in AAA B...

Page 120: ... off Obtain DNS server IP address dynamically from the DHCP server for the specified interface set interface dhcp_no_gw NET_IFACE_IDX ON_OFF 0 39 on off Do not obtain gateway configuration dynamically from the DHCP server for the specified interface set interface gateway NET_IFACE_IDX IPADDR 0 39 IP address in AAA BBB CCC DDD format Set the default gateway for the interface set interface dhcp_ntp ...

Page 121: ...settings gateway_iface NET_IFACE_NAME Name of the interface whose gateway will be the default gateway set settings hostname HOSTNAME you may use letters numbers _ characters 63 characters max Set the host name set settings ssh PORT 1 65535 Set the TCP port for SSH access to the device the default is 22 set settings telnet PORT 1 65535 Set the TCP port for Telnet access to the device the default is...

Page 122: ... Value Action Show the list of available commands add TYPE trapsink trap2sink informsink Add SNMP trap transmission rule TYPE SNMP message type IP trap receiver IP address COMM password contained in traps PORT trap receiver UDP port IP IP address in AAA BBB CCC DDD format COMM string of up to 31 characters PORT 1 65535 config Return to Configuration menu create user LOGIN PASSWD string of up to 31...

Page 123: ...IDX IP address in AAA BBB CCC DDD format 0 8 Set authorization server IP address IP_ADDR IP address SRV_IDX server number auth port PORT SRV_IDX 0 65535 0 8 Set authorization server port PORT port number SRV_IDX server number auth secret SECRET SRV_IDX string 31 characters max 0 8 Set the password for authorization server SECRET password SRV_IDX server number config Return to Configuration menu de...

Page 124: ...tual PIAFS HDLC_Channel X25 X75 G3_Fax SDSL ADSL_CAP ADSL_DMT IDSL Ethernet xDSL Cable Wireless Wireless_IEEE_802 1 Assign the type of the physical NAS port the server where the user is authenticated Async is default auth restrict RESTRICT none restrict all Set a limit on outgoing communication when the server fails no response from the server none allow all calls restrict all restrict all calls a...

Page 125: ...master SERIAL_NUMBER String 10 characters Make the device with the specified serial number a master show Show reserve status information quit Terminate this CLI session show Show RADIUS profile configuration 4 2 7 13 Static route configuration mode To enter this mode execute route command in the configuration mode SBC CONFIG route Entering route mode SBC CONFIG ROUTE Command Parameter Value Action...

Page 126: ... 0 4095 VPN client name Change VPN client route VPN add DESTINATION MASK METRIC VPN_CLIENT ENABLE IP address in AAA BBB CCC DDD format mask in format of AAA BBB CCC DDD unsigned integer string 255 characters max disable enable Add a route via VPN client DESTINATION IP address of the destination MASK network mask for the specified IP address METRIC metric VPN_CLIENT VPN client name ENABLE enable di...

Page 127: ...rule SBC_RULE_ID 1 65535 Edit a rule with a specified ID exit Exit from this configuration submenu to the upper level quit Terminate this CLI session remove rule SBC_RULE_ID 1 65535 Remove the rule with the specified ID show info Display a list of all rule sets swap rules SBC_RULE_ID_CURRENT SBC_RULE_ID_TARGET 1 65535 1 65535 Swap CURRENT and TARGET rules 4 2 7 16 Configuring rule sets To enter th...

Page 128: ...N_OFF on off If this option is enabled the Diversion header will not be sent to the destination set name SBC_RULE_NAME String 63 characters max Rule name set work time interval WORK_TIME_INTERVAL HH MM HH MM where HH 00 23 MM 00 59 Set the time interval of the rule show info Show all rule settings show sip destination list Show all available SIP destination show trunk list Show available SBC trunk...

Page 129: ...re ID and INDEX ID or index of the edited destination SBC1000 CONFIG SIP DESTINATION edit destination id 12 Entering SBC SIP destination edit mode SBC1000 CONFIG SIP DESTINATION ID 12 Command Parameter Value Action Show the list of available commands exit Exit from this configuration submenu to the upper level quit Terminate this CLI session set adaptation ADAPTATION none HUAWEI EchoLife Iskratel ...

Page 130: ...ng timeout from the counterparty off disable RTCP waiting set rtp loss timeout TIMEOUT 10 300 off Set the RTP waiting timeout from the counterparty off disable RTP waiting set rtp loss multiplier on hold TIMEOUT_MULTIPLIER 1 30 Set the RTP waiting multiplier in the on hold mode set rtp loss multiplier silence suppression TIMEOUT_MULTIPLIER 1 30 Set the RTP waiting multiplier in the on silence supp...

Page 131: ...t the name Set the ID of the interface used for SIP signaling Set the port for signalling Set the ID of the interface used for RTP exit Exit from this configuration submenu to the upper level quit Terminate this CLI session remove transport SBC_SIP_TRANSPORT_INDE X 0 254 Remove destination by index remove by id transport SBC_SIP_TRANSPORT_ID 1 65535 Remove destination by ID set by id name SBC_SIP_...

Page 132: ... network interfaces 4 2 7 20 SIP users list configuration To enter this mode execute sip users command in the configuration mode SBC1000 CONFIG sip users Entering SBC SIP users mode SBC1000 CONFIG SIP USERS Command Parameter Value Action Show the list of available commands add user SIP_USER_NAME SIP_TRANSPORT_ID String 63 characters max 1 65535 Add new SIP users Set the name Set ID for the used SI...

Page 133: ...OFF on off Enable unchanged contact transmission set radius profile id RADIUS_PROFILE_ID 1 65535 Assign RADIUS profile set radius profile none Unassign RADIUS profile set registration interval REG_INTERVAL 60 65535 Set the permissible re registration interval for users sec set restrictions non registered deny all Set call restriction for unregistered users everything is restricted set restrictions...

Page 134: ...only TCP only set verify media remote address ON_OFF on off Enable the RTP source IP and port control option show info Show settings show radius profile list Show list of all configured RADIUS profiles show rule set list Show list of configured rule set show sip transport list Show list of available SIP transports 4 2 7 22 SNMP configuration mode To enter this mode you must execute the snmp comman...

Page 135: ...he parameters show Show SNMP configuration syscontact SYSCONTACT string 63 characters max Specify contact information syslocation SYSLOC string 63 characters max Specify device location sysname SYSNAME string 63 characters max Specify device name 4 2 7 23 Switch parameter configuration mode To enter this mode 1 execute switch command in the configuration mode SBC CONFIG switch Entering switch cont...

Page 136: ... off GE_PORT0 GE_PORT1 GE_PORT2 SFP0 SFP1 GE_PORT0 GE_PORT1 GE_PORT2 SFP0 SFP1 Enable Dual Homing redundancy B_MASTER main port B_SLAVE redundant port PREEMPTION enable disable return to the main port when it is restored set port default vlan id PORT VLANID GE_PORT0 0 GE_PORT1 1 GE_PORT2 2 CPU 4 SFP0 6 SFP1 7 0 4095 Assign VLAN ID to this port set port egress PORT EGRESS GE_PORT0 0 GE_PORT1 1 GE_P...

Page 137: ...ply to this port Secure if a packet with VID is received through the port and there is a record in a 802 1q routing table for this packet then it falls within a scope of routing rules specified in the current record of this table otherwise it is rejected Routing rules specified in egress and output will not apply to this port set port LACP_trunk1 PORT LACP CPU GE_PORT0 GE_PORT1 GE_PORT2 SFP0 SFP1 ...

Page 138: ...O OVER GE_PORT0 GE_PORT1 GE_PORT2 CPU SFP0 SFP1 0 4095 0 7 on off unmodified untagged tagged not_member unmodified untagged tagged not_member unmodified untagged tagged not_member unmodified untagged tagged not_member unmodified untagged tagged not_member unmodified untagged tagged not_member Add new element to VTU table VID VLAN identifier PRIO 802 1р priority assigned to packets in the given VLA...

Page 139: ...tag by this port Not member packets with specified VID will not be sent by this port i e the port is not the member of VLAN settings_GE_PORT0 NUMBER CPU 0 4095 unmodified untagged tagged not_member Assign actions performed by this port when transmitting a packet with the specified VID Unmodified packets will be sent by the port without any changes untagged packets will always be sent without VLAN ...

Page 140: ...is not the member of VLAN settings_SFP1 NUMBER CPU 0 4095 unmodified untagged tagged not_member Assign actions performed by this port when transmitting a packet with the specified VID Unmodified packets will be sent by the port without any changes untagged packets will always be sent without VLAN tag by this port tagged packets will always be sent with VLAN tag by this port Not member packets with...

Page 141: ...ing NUMBER QUEUE 1 0 3 Distribute packets into queues depending on the IP diffserv priority NUMBER IP diffserv priority number QUEUE queue number set egress_limit PORT EGRLIM GE_PORT0 0 GE_PORT1 1 GE_PORT2 2 CPU 4 SFP0 6 SFP1 7 on off Enable disable bandwidth limit for outgoing traffic from this port set egress_rate_limit PORT EGRRATE GE_PORT0 0 GE_PORT1 1 GE_PORT2 2 CPU 4 SFP0 6 SFP1 7 0 250000 S...

Page 142: ...7 0 7 Remap 802 1р priorities for tagged packets PORT configurable port NUM current priority value REMAP new value show QOS PORT GE_PORT0 0 GE_PORT1 1 GE_PORT2 2 CPU 4 SFP0 6 SFP1 7 Show QoS configuration parameters for the given port show QOS_diffserv Show parameters for distribution of packets into queues depending on the IP diffserv priority show QOS_priomap Show parameters for distribution of ...

Page 143: ...r this mode execute trunk command in the configuration mode SBC1000 CONFIG trunk Entering SBC trunk mode SBC1000 CONFIG TRUNK Command Parameter Value Action Show the list of available commands add trunk SBC_TRUNK_NAME LOAD_BALANCE_MODE LOAD_BALANCE_TIME OUT String 63 characters max active active active backup 5 65535 Add new SBC Trunk Trunk name Balancing mode Balancing timeout sec exit Return fro...

Page 144: ...E 0 65534 active active active backup Assign balancing mode by trunk index set load balance timeout SBC_TRUNK_INDEX LOAD_BALANCE_TIME OUT 0 65534 5 65535 Assign balancing timeout by trunk index sec set name SBC_TRUNK_INDEX SBC_TRUNK_NAME 0 65534 String 63 characters max Assign name to trunk by its index show info Show settings show sip destination list Show list of available SIP destination swap b...

Page 145: ...E String 31 characters max Add your User Agent mask to the list exit Return from this configuration submenu to the upper level quit Terminate this CLI session remove by id user agent USER_AGENT_ID 1 65535 Remove User Agent from list by its ID remove user agent USER_AGENT_INDEX 0 65534 Remove User Agent from list by its index show Show configured list ...

Page 146: ...ts of the switch which are brought out on the front panel Possible values 0 3 ports 0 1 copper ports ports 2 3 optical and copper combo ports port channel LAG aggregation groups of switch front port interfaces used when multiple front ports are combined into a LACP group Possible values 1 4 host port internal ports of the SMG 2016 switch intended for communication with the SMG 2016 processor CPU P...

Page 147: ...ion groups of the switch s external interfaces number port number for front port unit port where unit SBC 2000 module number always is 1 port port number may take values 0 3 for host channel 1 for port channel 1 4 The number parameter can take the all value to configure all ports of the same interface type at once shutdown This command disables an interface being configured The use of a negative f...

Page 148: ...channel 0 4 for sm port 0 15 unit module number may take value 1 port port number may take values 0 5 Example SBC2000 CONFIG SWITCH if bridging to front port all flow control This command enables disables the flow control mechanism on the interface to be configured The flow control mechanism makes it possible to compensate for differences in transmitter and receiver speeds If the traffic amount ex...

Page 149: ...agged Example SBC2000 CONFIG SWITCH if frame types all Untagged traffic is allowed on configured ports speed The command sets speed value for interface being configured The command set the following modes 10 Mbps 100 Mbps 1000 Mbps When setting 10 Mbps 100 Mbps you must specify the mode of the transceiver duplex half duplex Syntax speed rate mode Parameters rate rate value 10M 100M 1000 Mbps mode ...

Page 150: ...ups sm port number port number all all ports of the selected interface for front port unit port where unit module number may take value 1 port port number may take values 0 3 for host channel 1 for host port unit module number may take value 1 port port number may take values 0 2 for port channel 0 4 for sm port 0 15 unit module number may take value 1 port port number may take values 0 5 Example ...

Page 151: ... for host channel 1 for host port unit module number may take value 1 port port number may take values 0 2 for port channel 0 4 for sm port unit module number may take value 1 port port number may take values 0 5 Example SBC2000 CONFIG SWITCH show interfaces status front port all Port Media Duplex Speed Neg Flow Link Back control State Pressure front port 1 0 N A N A N A N A N A Down N A front por...

Page 152: ...it module number may take value 1 port port number may take values 0 2 for port channel 0 4 for sm port unit module number may take value 1 port port number may take values 0 5 Example SBC2000 CONFIG SWITCH show interfaces counters front port all MAC MIB counters receive Port UC recv MC recv BC recv Octets recv front port 1 0 0 0 0 0 front port 1 1 436940 6297 9289 65685375 front port 1 2 1422764 ...

Page 153: ... if channel group 1 All uplink ports are combined in group 1 lacp mode This command allows you to select the channel aggregation mode Passive switch does not initiate creation of a logical link but processes incoming LACP packets Active in this mode it is necessary to form an aggregated communication line and initiate negotiation Connection of communication lines is formed if the other side works ...

Page 154: ...xample SBC2000 CONFIG SWITCH if lacp port priority 256 Port 256 priority is set on the configurable ports lacp rate This command sets the transmission interval of control packets of LACPDU protocol The use of the negative form of the command no sets the transmission interval of control packets of the LACPDU protocol by default Syntax lacp rate rate no lacp rate Parameters rate transmission interva...

Page 155: ... if pvid 5 PVID 5 is assigned to the configured port STP RSTP configuartion commands spanning tree enable This command enables the STP function on the interface to be configured The use of the negative form of the command no forbids STP on interface Syntax no spanning tree enable Parameters Command contains no arguments Command mode INTERFACE FRONT PORT INTERFACE PORT CHANNEL Example SBC2000 CONFI...

Page 156: ...the default STP operation priority 128 is set by default Syntax spanning tree priority priority no spanning tree priority Parameters priority priority takes values in multiples of 16 0 16 32 48 64 80 96 112 128 144 160 176 192 208 224 240 Default value 128 Command mode INTERFACE FRONT PORT INTERFACE PORT CHANNEL Example SBC2000 CONFIG SWITCH if spanning tree priority 144 Priority 144 is set spanni...

Page 157: ...min p2p type no spanning tree admin p2p Parameters type connection definition type auto the definition is based on BPDU force false forced link as a non p2p force true forced link as a p2p Default value p2p connection type is determined based on BPDU Command mode INTERFACE FRONT PORT INTERFACE PORT CHANNEL Example SBC2000 CONFIG SWITCH if spanning tree admin p2p auto For the configured port the co...

Page 158: ...egative form of the command no sets the default MAC address lifetime Syntax no mac address table aging time aging time no mac address table aging time Parameters aging time MAC address life time may take values 10 630 seconds Default value 300 seconds Command mode CONFIG SWITCH Example SBC2000 CONFIG SWITCH mac address table aging time 100 show mac address table count This command allows viewing t...

Page 159: ...dule number may take value 1 port port number may take values 0 3 for host channel 1 for port channel 0 4 Command mode CONFIG SWITCH Port mirroring configuration commands mirror rx tx interface This command enables the mirroring operation on the switch ports for incoming and outgoing traffic Interface mirroring allows you to copy traffic going from one port to another for external analysis The use...

Page 160: ...it module number may take value 1 port port number may take values 0 5 Command mode CONFIG SWITCH Example SBC2000 CONFIG SWITCH mirror rx interface front port 1 3 For incoming traffic coming to front port 1 3 interfaces port mirroring operation is enabled Traffic is copied from the slot port to the port analyzer set by the mirror rx analyzer command mirror rx tx analyzer This command allows you to...

Page 161: ...802 1q mark to the traffic being analyzed Setting the tag value can be done by the command mirror rx tx added tag config The use of the negative form of the command no removes the tag Syntax no mirror add tag Parameters Command contains no arguments Command mode CONFIG SWITCH Example SBC2000 CONFIG SWITCH mirror add tag mirror rx tx added tag config This command allows you to set a tag value that ...

Page 162: ...ive Q in Q rule list The SELECTIVE Q IN Q functionality allows adding an external SPVLAN Service Provider s VLAN replace the Customer VLAN and deny traffic based on configurable filtering rules by internal VLAN Customer VLAN numbers add tag This command adds an outer tag based on the inner tag The use of a negative form no of the command removes the set rule Syntax no add tag svlan s vlan cvlan c ...

Page 163: ...Parameters rule_index rule number may take values 0 511 Command mode SELECTIVE Q IN Q clear This command removes all Selective Q in Q rules Syntax clear Parameters Command contains no arguments Command mode SELECTIVE Q IN Q selective qinq enable This command enables the Selective Q in Q feature on the configured SMG 2 16 switch Interface The use of a negative form no of the command disables the SE...

Page 164: ...ace This command specifies a redundant interface to which the switching will occur when the connection is lost on a primary one Redundancy is enabled only on those interfaces on which the SPANNING TREE protocol is disabled The use of a negative form no of the command removes interface configuration Syntax no backup interface INTERFACE INDEX vlan VLAN_ID_RANGE Parameters interface interface type fr...

Page 165: ...e of a negative form no of the command restores the default value 1 packet Syntax no backup interface mac duplicate COUNT Parameters COUNT amount of packets copies takes values of 1 4 Default value 1 packet Command mode CONFIG SWITCH Example SBC2000 CONFIG SWITCH backup interface mac duplicate 4 backup interface preemption This command specifies that it is necessary to switch traffic to the main i...

Page 166: ...erfaces backup Backup Interface Options Preemption is disabled MAC recovery packets rate 400 pps Recovery packets repeats count 1 Backup Interface Pairs VID Master Interface Backup Interface State 30 front port 1 0 front port 2 0 Master Up Backup Standby 150 front port 1 0 front port 2 0 Master Up Backup Standby LLDP configuration lldp enable This command allows the switch to work over the LLDP Th...

Page 167: ...m no of the command sets the default value Syntax lldp hold multiplier hold no lldp hold multiplier Parameters hold time may take values 2 10 seconds Default value The default value is 4 seconds Command mode CONFIG SWITCH Example SBC2000 CONFIG SWITCH lldp hold multiplier 5 lldp reinit This command sets ninimum amount of time for the LLDP port to wait before LLDP reinitialization The use of a nega...

Page 168: ... the delay between the subsequent LLDP packet transmissions caused by the changes of values or status in the local LLDP MIB database It is recommended that this delay be less than 0 25 LLDP Timer The use of a negative form no of the command sets the default value Syntax lldp tx delay txdelay no lldp tx delay Parameters txdelay time may take values 1 8192 seconds Default value The default value is ...

Page 169: ... show information for all ports interface interface type front port external uplink interfaces port channel external LAG uplink interface aggregation groups number port number you can specify several ports separated by commas or you can specify the range of ports with for front port unit port where unit module number may take value 1 port port number may take values 0 3 for port channel 0 4 Defaul...

Page 170: ...re unit module number may take value 1 port port number may take values 0 3 for port channel 0 4 Default value The display will show information for all ports Command mode CONFIG SWITCH Example SBC2000 CONFIG SWITCH show lldp neighbor LLDP neighbors Interface Device ID Port ID TTL front port 1 1 02 00 2a 00 07 15 g15 115 120 front port 1 2 02 00 04 88 7e front port 1 3 105 120 SBC2000 CONFIG SWITC...

Page 171: ...0a front port 1 2 120 show lldp statistics This command allows viewing LLDP statistics for front port port channel interfaces Syntax show lldp statistics interface number Parameters Optional parameters if you omit them the display will show information for all ports interface interface type front port external uplink interfaces port channel external LAG uplink interface aggregation groups number p...

Page 172: ... 0 0 show lldp lldpdu This command is used to view the way LLDPDU packets are processed for interfaces where LLDP function is disabled Syntax show lldp lldpdu Parameters Command contains no arguments Command mode CONFIG SWITCH Example SBC2000 CONFIG SWITCH show lldp lldpdu Global flooding QoS configuration qos default This command defines the queue that will be used for packets without any preconf...

Page 173: ...ic prioritization method 0 all the priorities are equal 1 packet selection only by 802 1p only Priority field in 802 1Q tag 2 packet selection only by DSCP TOS field Differentiated Services IP packet header senior 6 bits 3 interaction either via 802 1p or DSCP ToS Default value By default all priorities are equal Command mode CONFIG SWITCH Example qos type 2 Traffic prioritization will be done onl...

Page 174: ...lue of the field priority 7 in 802 1Q tag cntrset This command assigns the queue statistics collector to the queues with specified criteria Syntax cntrset PORT UNIT SET VLAN QUEUE DROP PRECEDENCE Parameters PORT type of the port for counting may take values all all ports cpu CPU port front port counting front port host port sm port UNIT port sequential number for cpu may take value 1 for front por...

Page 175: ...e is set in the range 0 7 the queue with a priority value of 7 is considered the highest priority Syntax show qos Parameters Command contains no arguments Command mode CONFIG SWITCH Configuration operation commands SBC 2000 switch has 2 configuration types running config configuration that is currently active on the device candidate config configuration in which any changes have been made it will ...

Page 176: ... confirm to protect against the changes that have been made causing loss of access to the device If no confirmation is performed within 60 seconds the configuration is rolled back to the previous running config Configuration application command Syntax apply Parameters Command contains no arguments Command mode CONFIG SWITCH Confirmation command Syntax confirm Parameters Command contains no argumen...

Page 177: ...d to exit from this configuration submenu to the upper level Syntax exit Parameters Command contains no arguments Command mode CONFIG SWITCH history Command is used to view history of entered commands Syntax history Parameters Command contains no arguments Command mode CONFIG SWITCH ...

Page 178: ...uter that runs TFTP server and the device should be located in the same network 6 Turn the device on and stop the startup sequence by entering stop command in the terminal program window For SBC 2000 U Boot 2011 12 Nov 18 2013 12 56 19 Marvell version 2012_Q4 0p17 Init Switch of the board Switch Initialization Switch Initialization Ok Vendor Id 000011ab Switch Phy 4 id 0141 0dc0 Switch Phy 5 id 01...

Page 179: ...omputer that runs TFTP server ENTER Example set serverip 192 168 2 5 10 For SBC 1000 enter mii si ENTER to activate the network interface mii si Init switch 0 Ok Init switch 1 Ok Init phy 1 Ok Init phy 2 Ok 11 Update the Linux kernel using run flash_kern command For SBC 2000 SMG2016 run flash_kern TFTP from server 192 168 2 5 our IP address is 192 168 2 2 Filename smg2016 smg2016_kernel Loading do...

Page 180: ...5 our IP address is 192 168 2 2 Filename smg2016 smg2016_initrd Loading done Copy to Flash done SMG2016 For SBC 1000 run flash_initrd Using ppc_4xx_eth0 device TFTP from server 192 168 2 5 our IP address is 192 168 2 2 Filename smg smg1016M_initrd Load address 0x400000 Loading done Bytes transferred 25430113 1840861 hex Erase Flash Sectors 56 183 in Bank 2 Un Protected 256 sectors done Erased 256 ...

Page 181: ...way sends a message to IP address 192 168 20 120 port 5062 SBC 2000 forwards this traffic from IP address 192 168 16 113 port 5061 to Softswitch 192 168 16 65 port 5060 SBC configuration procedure 1 Interface configuration menu Network subsystem Network interfaces section 4 1 4 3 a Create an interface in the Softswitch direction Interface parameters 192 168 16 113 ...

Page 182: ... 3 6 It is necessary to set the ranges of ports used for RTP 3 SIP transport configuration menu SBC configuration SIP transport section 4 1 3 1 a Add a SIP transport in the subscriber gateway direction Interface parameters network interface 20 120 signalling port 5062 media 20 120 b Add a SIP transport in the Softswitch destination Interface parameters network interface 16 113 signalling port 5061...

Page 183: ...P user configuration menu SBC Configuration SIP Users section 4 1 3 3 a Add SIP Users In the SIP transport field select the transport in the subscriber destination 20 120_50 62 if the subscribers are behind NAT set the NAT subscribers flag and specify the connection storage time on NAT ...

Page 184: ...llows 5 SIP destination configuration menu SBC Configuration SIP Destination section 4 1 3 2 a Add a SIP Destination In the SIP transport field select the transport in the Softswitch destination 16 113_5061 in the Remote address field specify the IP address of Softswitch ...

Page 185: ...ame add a rule to the set In the Action field select Send to destination in the SIP Destination field specify the destination that was configured for Softswitch Set the condition to All save the rule and the rule set 7 Binding a rule to a destination for subscribers a Go to the SIP Users section select the previously created destination and in the Rule set select the created rule set ...

Page 186: ...186 SBC session border controllers b The SIP user table will be as follows 8 To apply the settings save the configuration to Flash menu Service Save configuration to flash section 4 1 12 ...

Page 187: ...or SIP subscribers of this Appendix 2 Configuration of media for SIP See section 1 Configuration of SBC for SIP subscribers of this Appendix 3 SIP transport configuration menu SBC Configuration SIP transport section 4 1 3 1 a Add a SIP transport in the trunk gateway destination Interface parameters network interface 20 120 signalling port 5067 media 20 120 b Add a SIP transport in the Softswitch d...

Page 188: ...IP transport table will be as follows 4 SIP destination configuration menu SBC Configuration SIP Destination section 4 1 3 2 a Add a SIP destination in the trunk gateway destination the Rule set field does not need to be filled in at this point ...

Page 189: ...SBC session border controllers 189 b Add a SIP destination in the Softswitch destination the Rule set field does not need to be filled in at this point c The SIP destination table will be as follows ...

Page 190: ...d the rule to destinations To bind in the destination settings for Softswitch in the SIP Users section select a rule set where in the field SIP destination specified the trunk gateway destination Accordingly in the destination settings for the trunk gateway select a different set of rules directing everything to Softswitch The SIP destination table will be as follows 7 To apply the settings save t...

Page 191: ... address in the network constantly watching the primary device MASTER and as soon as MASTER fails SLAVE takes over all functions completely replacing the failed MASTER In order to fully duplicate the function the redundant device constantly receives from the master the current configuration subscriber database and other necessary files for work Only single type SBC 1000 or SBC 2000 devices are use...

Page 192: ...onfiguration procedure Consider the case of connecting to two MES switches in a stack Figure 35 Initial state two SBC of the same type with a reserve license two MES switches in the stack The stack on the switches should be configured according to the switch documentation First you should configure the service VLAN pass through on the switches On the ports where the global SBC links will be connec...

Page 193: ... both the local and global links If there are problems with the master slave relationship or lack of visibility over the local and global links check that all configuration steps have been completed correctly Seniority determination The following algorithm is used to determine which device is MASTER or SLAVE If no local links are active when the device is turned on the device becomes MASTER If no ...

Page 194: ...194 SBC session border controllers The block scheme for determining seniority Handling of connection via global or local link ...

Page 195: ...ter writing the configuration to flash 10 seconds after each configuration change and periodically once every 180 seconds List of transferred files file of configuration recorded to flash Current running configuration file keys for creating ssh tunnels registered subscribers database linux user files Web interface and CLI user password files all dynamic firewall address lists https keys and certif...

Page 196: ...parameter is used in the command U unsigned integer type of numeric parameter is used in the command S string parameter is used in the command A IP address is used in the command Please pay attention some commands using IP address as argument have string type of data s Table D 1 Command examples Request description Command Get snmpwalk v2c c public m ELTEX SBC ip_sbc activeCallCount Get x snmpwalk...

Page 197: ... 3 6 1 4 1 35265 1 49 3 Get Firmware version sbcUptime 1 3 6 1 4 1 35265 1 49 5 Get Firmware operation time sbcUpdateFw 1 3 6 1 4 1 35265 1 49 25 Set S Firmware update Send a Set inquiry with space separated parameters the name of the file without spaces TFTP server address sbcReboot 1 3 6 1 4 1 35265 1 49 27 Set 1 Reboot of the device sbcSave 1 3 6 1 4 1 35265 1 49 29 Set 1 Saving the configurati...

Page 198: ...t x CPU kernel applications cpuNic 1 3 6 1 4 1 35265 1 49 37 1 4 x Get x CPU applications with changed priority cpuIdle 1 3 6 1 4 1 35265 1 49 37 1 5 Get x CPU idle cpuIo 1 3 6 1 4 1 35265 1 49 37 1 6 x Get x CPU I o operations cpuIrq 1 3 6 1 4 1 35265 1 49 37 1 7 x Get x CPU hardware interrupt processing cpuSirq 1 3 6 1 4 1 35265 1 49 37 1 8 x Get x CPU the processing of firmware interrupts cpuUs...

Page 199: ...3 6 1 4 1 35265 1 49 34 3 5 Get Set 1 Apply changes in the system log settings View information on registered users In this description the SNMP utility invocation commands will be represented by the following scripts for brevity and clarity Swalk script implements reading values bin bash usr bin snmpwalk v2c c public m ELTEX SBC 192 0 2 1 Sset script implements value setting bin bash usr bin snmp...

Page 200: ...scribers 1 3 6 1 4 1 35265 1 49 44 5 Get List of registered subscribers In the without search mode displays all subscribers In the search by substring mode displays all subscribers whose description contains the specified substring subName 1 3 6 1 4 1 35265 1 49 44 5 1 2 Get Subscriber name SIP URI subUserAgent 1 3 6 1 4 1 35265 1 49 44 5 1 3 Get user agent subUserAddr 1 3 6 1 4 1 35265 1 49 44 5 ...

Page 201: ...You can get the object ID from the ID column in the CLI To do this in SIP destination edit mode give SIP users or SIP transport the show info command The second way is to request an SNMP counter with COUNTER 3 without specifying an ID Examples Requesting the names of all SIP Transports note that in the response the next digit after the name requested by OID is the transport identifier which can be...

Page 202: ...1 35265 1 49 43 1 1 2 Get SIP Users indexes countStatUserName 1 3 6 1 4 1 35265 1 49 43 1 1 3 Get SIP Users names countStatUserElapsedTime 1 3 6 1 4 1 35265 1 49 43 1 1 4 Get Total time of active calls countStatUserIncCalls 1 3 6 1 4 1 35265 1 49 43 1 1 5 Get Number of incoming calls countStatUserOutCallLegs 1 3 6 1 4 1 35265 1 49 43 1 1 6 Get Number of outgoing calls countStatUserMsgRcv 1 3 6 1 4...

Page 203: ...35265 1 49 43 2 1 6 Get Number of outgoing calls perSecStatUserMsgRcv 1 3 6 1 4 1 35265 1 49 43 2 1 7 Get Number of incoming SIP messages perSecStatUserMsgSend 1 3 6 1 4 1 35265 1 49 43 2 1 8 Get Number of outgoing SIP messages perSecStatUserAnswSucces sCalls 1 3 6 1 4 1 35265 1 49 43 2 1 9 Get Number of successfully received calls perSecStatUserAnswFinalEr rCalls 1 3 6 1 4 1 35265 1 49 43 2 1 10 ...

Page 204: ...ls 1 3 6 1 4 1 35265 1 49 43 3 1 9 Get Number of successfully received calls countStatTransportAnswFi nalErrCalls 1 3 6 1 4 1 35265 1 49 43 3 1 10 Get Number of rejected calls countStatTransportUnansw Other4xx 1 3 6 1 4 1 35265 1 49 43 3 1 11 Get Number of unanswered calls with SIP codes 4xx countStatTransportUnansw Other5xx 1 3 6 1 4 1 35265 1 49 43 3 1 12 Get Number of unanswered calls with SIP ...

Page 205: ...swFi nalErrCalls 1 3 6 1 4 1 35265 1 49 43 4 1 10 Get Number of rejected calls perSecStatTransportUnans wOther4xx 1 3 6 1 4 1 35265 1 49 43 4 1 11 Get Number of unanswered calls with SIP codes 4xx perSecStatTransportUnans wOther5xx 1 3 6 1 4 1 35265 1 49 43 4 1 12 Get Number of unanswered calls with SIP codes 5xx perSecStatTransportUnans wOther6xx 1 3 6 1 4 1 35265 1 49 43 4 1 13 Get Number of una...

Page 206: ...StatDestUnanswOthe r6xx 1 3 6 1 4 1 35265 1 49 43 5 1 13 Get Number of unanswered calls with SIP codes 6xx countStatDestUnanswOthe rUndef 1 3 6 1 4 1 35265 1 49 43 5 1 14 Get Number of unanswered calls with SIP codes that are not included in other counters countStatDestRedirectCalls CODE where CODE one of values 300 301 302 305 308 1 3 6 1 4 1 35265 1 49 43 5 1 300 1 3 6 1 4 1 35265 1 49 43 5 1 30...

Page 207: ...SecStatDestUnanswOth er6xx 1 3 6 1 4 1 35265 1 49 43 6 1 13 Get Number of unanswered calls with SIP codes 6xx perSecStatDestUnanswOth erUndef 1 3 6 1 4 1 35265 1 49 43 6 1 14 Get Number of unanswered calls with SIP codes that are not included in other counters perSecStatDestRedirectCall s CODE where CODE one of values 300 301 302 305 308 1 3 6 1 4 1 35265 1 49 43 6 1 300 1 3 6 1 4 1 35265 1 49 43 ...

Page 208: ...35265 1 49 17 3 x Get x Changed on cpuNic 1 3 6 1 4 1 35265 1 49 37 1 4 x sbcTopCpuIdle 1 3 6 1 4 1 35265 1 49 17 4 x Get x Changed on cpuIdle 1 3 6 1 4 1 35265 1 49 37 1 5 x sbcTopCpuIo 1 3 6 1 4 1 35265 1 49 17 5 x Get x Changed on cpuIo 1 3 6 1 4 1 35265 1 49 37 1 6 x sbcTopCpuIrq 1 3 6 1 4 1 35265 1 49 17 6 x Get x Changed on cpuIrq 1 3 6 1 4 1 35265 1 49 37 1 7 x sbcTopCpuSirq 1 3 6 1 4 1 352...

Page 209: ...00 and SBC 3000 can be expanded to 500 with a 500VNI license SBC Trunk 256 256 256 For SBC 2000 and SBC 3000 can be expanded to 500 with a 500VNI license Rule set 1000 1000 512 Rule for each Rule set 1500 1500 1000 There is no limit per profile only a general limit Rule set rules per device 1500 1500 1000 Ports for RTP range for starting port 10000 65535 number of ports 1 32000 range for starting ...

Page 210: ...st 16384 16384 8192 Entries in log of blocked addresses 10000 10000 10000 Firewall profiles 32 32 32 Rules for incoming outgoin g transit traffic branches in the profile and everything for the device 1000 1000 1000 Entries in the list of allowed IP addresses access to the control from certain addresses 255 255 255 RADIUS profiles 32 32 32 NA not applicable ND not defined ...

Page 211: ...s Feedback form on the site http eltex co com support Servicedesk https servicedesk eltex co com Visit ELTEX official website to get the relevant technical documentation and software send us an online request or consult a Service Centre Specialist Official website http eltex co com Download center http eltex co com support downloads ...

Reviews:

No comments