Manualshelf

Network Router User Manual

ManualsBrandsCisco Systems ManualsNetwork RouterASR 1000
919293949596979899100
9-6
Cisco IOS XE Integrated Session Border Controller Configuration Guide for the Cisco ASR 1000 Series Aggregation Services Routers
OL-15421-01
Chapter 9 Topology Hiding
IPv6 Support
packet has the endpoint’s IP address as the destination address, and the MGC/SBE IP address as the
source address. In Single NAPT, the DBE changes the source address to use the DBE IP address. See the
“IPv6 Single NAPT for Signaling” section on page 9-7.
No NAPT means the received SBC packets do not contain any DBE local addresses because the DBE
does not translate any IP addresses and ports during packet forwarding. The DBE rewrites neither the
source nor destination addresses and ports in both directions. See the
“IPv6 No NAPT Support for Media
Flows” section on page 9-6
IPv6 Pinholes
DBE support of IPv6 pinholes includes the following functionality:
The DBE supports forwarding of media from one IPv6 endpoint to another IPv6 endpoint.
The DBE supports IPv4 and IPv6 endpoints simultaneously. However, no interworking between
IPv4 and IPv6 endpoints is supported. IPv4 endpoints can only forward media to other IPv4
endpoints and IPv6 endpoints can only forward media to other IPv6 endpoints.
The DBE supports configuration of IPv6 pinhole addresses and pinhole address pools.
DBE supports signaling pinholes using IPv6 addresses.
Support is added for the MGC to specify the address and port in the Megaco local descriptor for
terminations as one of the following:
An address and port that are not owned by the SBC and not configured in a media address range on
the SBC, but matching the remote address and port for the other termination in the stream.
An address range, in the form of a classless interdomain routing (CIDR) mask (for example,
10.13.8.0/21) together with a 0 port number, that does not overlap with any address ranges owned
by the SBC or any media address range configured on the SBC, but the address and port match the
gm/rsam (Gate Management/remote source address mask) for the other termination in the stream.
SBC recognizes these “local” addresses as signifying Single NAPT pinholes. And if specified for both
terminations in the stream, SBC recognizes these addresses as No NAPT pinholes. All pinholes only
forward packets to a full destination address and port that was either specified in the remote descriptor
or latched to (within a gm/rsam that matches the local address mask).
IPv6 No NAPT Support for Media Flows
To support IPv6 on the DBE deployment, media flows do not support NAPT. No NAPT support means
that no IP addresses and ports are translated by the DBE from a private address to a public address (for
multiple users to share a single public address).
Because media addresses and ports are not translated, media flows on both sides of the media address
are programmed with private, local addresses and ports that do not belong to the DBE. These local
addresses and ports are specified by the MGC to match the remote address and port on the opposite side
of the media address. Traffic in both directions is addressed directly to the remote endpoint on the other
side of the DBE. The DBE rewrites neither the source nor destination addresses and ports in both
directions because the DBE does not translate any IP addresses and ports during packet forwarding.
Neither the source address nor destination address contains any DBE local media addresses.