Dialogic® BorderNet™ 4000 Session Border Controller Product Description Document December 2013 64-0550-06 www.dialogic.
Copyright and Legal Notice Copyright © 2011-2013 Dialogic Inc. All Rights Reserved. You may not reproduce this document in whole or in part without permission in writing from Dialogic Inc. at the address provided below. All contents of this document are furnished for informational use only and are subject to change without notice and do not represent a commitment on the part of Dialogic Inc. and its affiliates or subsidiaries (“Dialogic”).
Table of Contents 1. Dialogic® BorderNet™ 4000 Session Border Controller.................................. 6 Key Features .................................................................................................. 6 B2BUA Architecture ......................................................................................... 7 Call Management ......................................................................................... 7 Certifications and Compliance .......................................
SIP Profiler ................................................................................................... 26 PRACK ......................................................................................................... 27 Call Routing ................................................................................................. 27 Local DNS ................................................................................................. 27 External DNS Support ...................................
Dialogic® BorderNet™ 4000 SBC Product Description Document Revision History Revision Release date Notes 64-0550-06 December 2013 Release 3.2 64-0550-05 June 2013 Release 3.1 64-0550-04 January 2013 Release 3.0 64-0550-03 September 2012 Release 2.1 64-0550-02 July 2012 Release 2.0 64-0550-01 February 2012 Release 1.0 Refer to www.dialogic.com for product updates and for information about support policies, warranty information, and service offerings.
1. Dialogic® BorderNet™ 4000 Session Border Controller The Dialogic® BorderNet™ 4000 Session Border Controller (SBC) is a stand-alone device that provides all the functionality required for call signaling, control, and media termination in a VoIP network. It is typically deployed on the border of a network and manages both incoming and outgoing signaling and media traffic for service providers that require call session control and network security.
Dialogic® BorderNet™ 4000 SBC Product Description Document The BorderNet 4000 SBC can operate at 99.999% availability without impacting call sessions during system switchovers or malicious attacks. B2BUA Architecture A back-to-back user agent (B2BUA) is a logical entity that controls SIP signaling between the endpoints of a call. A B2BUA acts as a user agent server (UAS) when it receives a request, and then the B2BUA acts as a user agent client (UAC) to process the request.
Dialogic® BorderNet™ 4000 SBC Product Description Document • Achieved 600 cps without dropping calls and maintaining a 25% CPU utilization. • Withstood a 72 hour INVITE flood attack with normal baseline call traffic. • Maintained call functionality while being attacked with malformed SIP messages. • Maximum system uptime achieved with redundant signaling/media, management and HA interfaces. SIPconnect 1.1 Compliance The BorderNet 4000 SBC is SIPconnect 1.1 Compliant. SIPconnect 1.
Dialogic® BorderNet™ 4000 SBC Product Description Document 2. Product Specifications Protocols Supported Signaling Protocols SIP, H.
Dialogic® BorderNet™ 4000 SBC Product Description Document Media Routing Media Interworking • RFC 4904 Trunk Group Routing support • Multi-tenant routing table support • Emergency services call routing and call prioritization • SIP URN Routing • Dynamic SIP REFER Processing • Media termination • Separation of signaling and media over VLANs • Media NAT traversal • QoS (including DSCP) Transcoding support for the following codecs: • • • • Audio: G.711, G.722,G.723.1, G.726, G.729a, G.
Dialogic® BorderNet™ 4000 SBC Product Description Document • 4+4 gigabit Ethernet (10/100/1000 Base-T or MM fiber each) without port redundancy • Full duplex • Management: 1+1 gigabit Ethernet (10/100/1000 BaseT each) with port redundancy • HA control: 1+1 gigabit Ethernet (10/100/1000 Base-T each) with port redundancy Configuration • Integrated web-based management (https) Management • SNMP traps sent for alarms • Alarms, reports, historical and real-time statistics • Support for Wireshar
Dialogic® BorderNet™ 4000 SBC Product Description Document Safety • UL/CSA 60950-1 - 2nd Edition (2007) • EN 60950-1: 2006 + A11: 2009 • FCC 47 CFR Part 15, Class A Digital Device • ICES-003 Issue 4 - Feb 2004, Class A • EN 55022: 2006 + A1: 2007, Class A Limit • Brazil Anatel Immunity • EN 55024: 1998 + A1: 2001 + A2: 2003 and EN 300 386 V1.4.
Dialogic® BorderNet™ 4000 SBC Product Description Document 3.
Dialogic® BorderNet™ 4000 SBC Product Description Document Status Panel The status panel contains a USB 2.0 connector, Fault Indicator LEDs and panel buttons. The front-facing cover of the BorderNet 4000 SBC does not need to be removed to access the status panel components, and the ID and Reset options are also available via the WebUI. Status Panel Components Description USB Port for a universal serial bus connector (USB 2.0).
Dialogic® BorderNet™ 4000 SBC Product Description Document BorderNet 4000 SBC Rear View The rear view of the BorderNet 4000 SBC consists of two redundant power supplies, four integrated 10/100/1000 BaseT Ethernet ports, monitor and serial ports, and two four-port Gigabit Ethernet cards. Power Supplies Dual 650W power supplies provide redundancy. Both power supplies share the load, and each hot-swappable power supply can be either AC or DC.
Dialogic® BorderNet™ 4000 SBC Product Description Document Primary and secondary links are paired as follows: Link Type Primary Link Secondary Link Management link pair Eth0 Eth3 HA link pair Eth1 Eth2 Session link pair 1 Eth4 Eth8 Session link pair 2 Eth5 Eth9 Session link pair 3 Eth6 Eth10 Session link pair 4 Eth7 Eth11 Ports The BorderNet 4000 SBC has two USB ports, one VGA port, and one serial port.
Dialogic® BorderNet™ 4000 SBC Product Description Document Network Layer 1/2 and Layer 3 redundancy keeps network access to the BorderNet 4000 SBC highly available and makes link failovers transparent to other nodes on the network. • If the Primary Management link (Eth0) fails, the management IP addresses switch over to the secondary link (Eth3). Management access is seamlessly available over the secondary link with no traffic impact.
Dialogic® BorderNet™ 4000 SBC Product Description Document 4. Networking and Topology The BorderNet 4000 SBC supports redundant connectivity to IP networks and can connect to switches or routers that support RFC3768. The Virtual Router Redundancy Protocol (VRRP) automatically assigns routers and provides maximum network availability (VRRP must be set up on each router for network-level redundancy). IP Network Connectivity The BorderNet 4000 SBC separates management and traffic networks.
Dialogic® BorderNet™ 4000 SBC Product Description Document 8021.Q VLAN (Virtual Local Area Network) Support On the BorderNet 4000 SBC, VLANS can be used to separate signaling and media packets into different logical networks. VLANs can also segregate and route traffic to specific peering entities. The BorderNet 4000 SBC supports the configuration of up to 1024 8021.Q VLANs on session links for signaling and media traffic.
Dialogic® BorderNet™ 4000 SBC Product Description Document Topology The BorderNet 4000 SBC supports Secure IP Peering.
Dialogic® BorderNet™ 4000 SBC Product Description Document 5. Security and Service Assurance The BorderNet 4000 SBC protects itself and the network infrastructure from malicious attacks while ensuring that VoIP services are uninterrupted. Resources are always available for legitimate sessions, even under high-load conditions, attacks, and hardware or network failures.
Dialogic® BorderNet™ 4000 SBC Product Description Document Fragmented IP Consistency Checks Valid IP packet fragmentation, transmission, and reassembly are supported as per RFC 791. Each fragmented packet is checked to ensure validity.
Dialogic® BorderNet™ 4000 SBC Product Description Document Advanced Packet Rate-Limiting The BorderNet 4000 SBC provides packet rate limiting to protect against legitimate but misbehaving hosts or DoS attacks from spoofed sources. The incoming traffic is classified into flows based on the combination of parameters, including: • Layer 3 protocol • Layer 4 protocol, local IP, local port and remote IP The flows are subject to rate control as determined by the application or as configured by the operator.
Dialogic® BorderNet™ 4000 SBC Product Description Document IPsec Encapsulating Security Payload (ESP). In the ESP mode, IP packets are encrypted. The BorderNet 4000 SBC also supports manual keying as well as IKE v1 and IKE v2. The BorderNet 4000 SBC IPsec implementation is highly scalable and leverages built-in hardware encryption network processors included with the Network Interface Cards (NIC).
Dialogic® BorderNet™ 4000 SBC Product Description Document 6. SIP Services The Session Initiation Protocol (SIP) is a signaling protocol that establishes sessions in an IP network. SIP interfaces connect trusted and untrusted networks, and each SIP interface is associated with an IP interface (VLAN + IP address and port). The BorderNet 4000 SBC supports SIP RFC3261 and UDP, TCP, and TLS transports for SIP.
Dialogic® BorderNet™ 4000 SBC Product Description Document Timer Values Range: 180 – 360 seconds, configured in increments of 10 seconds SIP Application Layer Gateway The BorderNet 4000 SBC includes a SIP Application Layer Gateway (ALG) that detects potentially malicious SIP requests from outside the trusted network. The SIP ALG validates syntax and semantics for every SIP message received and inspects each message before any other SIP message handling occurs.
Dialogic® BorderNet™ 4000 SBC Product Description Document • Performing SIP message and header tests and manipulations, such as: BeginsWith, Contains, EndsWith, Equal, MatchPattern, NotEqual, RemoveString, ReplaceString, and so forth. PRACK SIP returns two types of responses: a provisional response or a final response. • A final response (2xx – 6xx) reliably conveys the request processing result. • A provisional response (1xx) does not acknowledge the request and is not reliable.
Dialogic® BorderNet™ 4000 SBC Product Description Document Peer Network Load Balancing—Outgoing Sessions The BorderNet 4000 SBC supports load balancing for outbound sessions to peer networks as follows: • The Fully Qualified Domain Name (FQDN) can be assigned multiple IP addresses within a single subnet, with a maximum of 24 IP addresses per FQDN. • Priorities and weights can be configured for the group of IP addresses associated with the FQDN.
Dialogic® BorderNet™ 4000 SBC Product Description Document • Far-end NAT traversal • Support for Application Services call flows • Support for forked calls • DNS (SRV) Application Server redundancy IPPBX Registration Support The BorderNet 4000 SBC can process SIP registration requests from both the consumer devices (such as IADs, soft phones, desk phones, mobile extensions, etc.) as well as from the IPBPBXs. IPPBX Registration Support is implemented as per the guidelines in the SIPconnect 1.
Dialogic® BorderNet™ 4000 SBC Product Description Document • If the message is a response message, the BorderNet 4000 SBC parses the next header. • If the message includes a resource-priority header, the response is parsed and handled. Emergency Call Handling The BorderNet 4000 SBC ensures that emergency sessions are always handled, even under the most severe level of system overload. Priority levels defined by the ETS namespace values (RFC 4412) are supported in the following priority order: • ets.
Dialogic® BorderNet™ 4000 SBC Product Description Document 7. IMS, VoLTE and IPX Support IMS and VOLTE The BorderNet 4000 SBC is suitable for deployment as an advanced SBC in 3GPP IP Multimedia Subsystem (IMS) and ETSI/TISPAN based network architecture. The BorderNet 4000 SBC offers best of the breed border element for securing pure-play 3GPP IMS and VoLTE based modern telecom networks. The BorderNet 4000 SBC is a key anchor for seamless delivery of IMS services across IMS, NGN, and legacy TDM networks.
Dialogic® BorderNet™ 4000 SBC Product Description Document • Security and Encryption o o o o o o o o • Gm Interface Encryption (TLS, IPsec, SRTP) DOS/DDOS Protection ACL Security Hardened stack Protection against malformed messages Rate Limiting (IP and SIP messages) Call Admission Control Emergency Services o Emergency Call Routing o Call Prioritization o SIP URN Processing • Policy Enforcement o Built in Routing Engine o Bandwidth Enforcement • Interworking o o o o o • IPv4/IPv6 IBCF/TrGW (Ici,
Dialogic® BorderNet™ 4000 SBC Product Description Document interworking between SIP-I and SIP has become a serious issue for the mobile carriers as they connect their subscriber base to Over the Top (OTT) and IMS based network partners. Mobile carriers are ever more relying on border elements such as the BorderNet 4000 SBC to bridge the traditional MSC/MGW mobile cores with variety of SIP-based partner services.
Dialogic® BorderNet™ 4000 SBC Product Description Document 8. Interworking Function (IWF) The Interworking Function (IWF) connects clients with different capabilities, including different protocol dialects. BorderNet 4000 SBC B2BUA architecture supports the following IWF capabilities: • IPv4-IPv6 IWF: • SIP-to-IMS: The B2BUA adds or removes the IMS SIP protocol extensions (Pheaders) so that SIP clients can be connected to an IMS network.
Dialogic® BorderNet™ 4000 SBC Product Description Document H.323 calls are interworked to or from SIP calls. The BorderNet 4000 H.323-IWF can act as a direct gateway or a gatekeeper-managed gateway in an H.323 peering network. GK S RA S RA Call Signaling SIP SIP Core IWF SIP UA Carrier A H323 GW Call Signaling Carrier B BN4000 The BorderNet 4000 H.323-IWF provides: • Default settings for translation parameters • Support for H.
Dialogic® BorderNet™ 4000 SBC Product Description Document Call Flow/Type Description slow-start) H.323 fast-start upstream, SIP downstream If the H.323 fast-start offer includes alternative codec options, the SDP offer sends the list of alternative codecs to the downstream SIP device in the same order of preference provided by H.323. The most preferred codec is listed first. The SIP endpoint can accept more than one codec; the H.323 fast-start response cannot.
Dialogic® BorderNet™ 4000 SBC Product Description Document negotiation with the H.323 endpoint to reach a point where the SDP can be generated. When the SDP is generated, then the BorderNet 4000 SBC sends a 183 provisional response. Early media is also supported for H.323-to-SIP calls. In this case, when SDP is received from the SIP endpoint in either a 180 or 183 message, an appropriate message is generated to H.323 with a progress indicator of 8.
Dialogic® BorderNet™ 4000 SBC Product Description Document 9. Media Handling The BorderNet 4000 SBC provides media termination and relay to handle RTP traffic from remote entities signaled through SIP/H.323 messages. It also determines the appropriate media path for a session based on configured options and supports: • RTP/RTCP, T.
Dialogic® BorderNet™ 4000 SBC Product Description Document Policy Based Media Routing Available policies on the BorderNet 4000 SBC can be utilized for control if the media is routed via the BorderNet 4000 SBC or directly between the endpoints. This capability is useful in different instances (such as preserving bandwidth over a skinny WAN link) where it may be preferable to keep the media localized.
Dialogic® BorderNet™ 4000 SBC Product Description Document capable of interworking across media subtype notations as well as payload types. Some of the supported codecs are listed below. Audio Video Image • PCMU • GSM • PCMA • GSM-EFR • G722 • AMR (NB/WB+) • G729 (+/- VAD) • Comfort Noise • G723 (+/- VAD) • t38 • G723-5.3 • iLBC (13.3, 15.2) • G723-6.3 • clearmode • G728 • tone • G726-32 • telephone-event (+ IANA registered) • H.263 • MPV • H.264 • CelB • H.
Dialogic® BorderNet™ 4000 SBC Product Description Document H.245 Type SDP Media Type g722 G722 g728 G728 g729wAnnexB G729 g729 G729 fmtp:18 annexb=no h261VideoCapability H261 h263VideoCapability H263 Media entering the BorderNet 4000 SBC exits the system as per the codec mapping. For example, H.245 type g729wAnnexB exits the system on the SIP side as media type G729. Note: The BorderNet 4000 SBC IWF uses H.323 Version 4 or later and SIP as specified in RFC3261. Most H.
Dialogic® BorderNet™ 4000 SBC Product Description Document 42 • Standalone and Redundant Configuration – The BorderNet 4000 SBC software transcoding can be deployed in either stand alone or redundant (High Availability) configurations.
Dialogic® BorderNet™ 4000 SBC Product Description Document 10. Integrated Management The BorderNet 4000 SBC contains an integrated Local Manager (LM) that provides: • Software Management for upgrades and releases • System Configuration to provision the BorderNet 4000 SBC and manage user accounts • Application Configuration to configure SIP, H.
Dialogic® BorderNet™ 4000 SBC Product Description Document System Configuration System configuration allows operators to: • Manage system services, such as NTP, tracing, IBCF, and other services provided by the platform • Manage IP, IP routing, DNS, and VLAN • Configure user authorization, authentication, and access control System Audit The BorderNet 4000 SBC management framework automatically logs all user actions performed via the WebUI.
Dialogic® BorderNet™ 4000 SBC Product Description Document SOAP/XML API Interface Dialogic introduces a Service Oriented Application Programming (SOAP) interface to the BorderNet 4000 SBC in Release 3.0.0. This XML-based interface facilitates a number of network operations tasks, including complete automation of common provisioning and servicing tasks, machine-to-machine integration with other OSS/BSS systems in the network, business intelligence, analytics, and reporting. In release 3.0.
Dialogic® BorderNet™ 4000 SBC Product Description Document The BorderNet 4000 SBC provides an SDR Parameter Customization feature that enables the operator to: • Decide what parameters to report in each SDR • Control the parameter sequence in each SDR, which can be aligned with the Dialogic® ControlSwitch™ System to facilitate reconciliation • Selectively report additional parameters from SIP Dialog For additional information on SDR customization, see the Dialogic® BorderNet™ 4000 SBC Configuration an
Dialogic® BorderNet™ 4000 SBC Product Description Document The BorderNet 4000 SBC automatically generates the following reports: • Ethernet link statistics • Traffic statistics, including incoming and outgoing data on: • o Answer to Seizure Ratio (ASR) o SIP and H.323 peers o SIP and H.
Dialogic® BorderNet™ 4000 SBC Product Description Document SIP Parameter Filtering Session level tracing allows operators to specify filtering criteria on the following parameters: • Calling Party User • Calling Party Domain • Calling Party Scheme • Called Party User • Called Party Domain • Called Party Scheme • SIP Method, including Invite, Option, Register, and Subscribe Recording Profiles Session level tracing has four recording profiles: 1. Signaling without media 2.
Dialogic® BorderNet™ 4000 SBC Product Description Document 11. Compliance Specifications Specification RFC 1896 Details The text/enriched MIME Content-type RFC 1889 RTP: A Transport Protocol for Real Time Applications RFC 1890 RTP Profile for Audio and Video Conferences with Minimal Control RFC 1918 Address Allocation for Private Internets RFC 2029 RTP Payload Format of Sun’s CellB Video Encoding RFC 2032 RTP Payload Format for H.
Dialogic® BorderNet™ 4000 SBC Product Description Document RFC 2617 HTTP Authentication: Basic & Digest Access Authentication RFC 2633 S/MIME Version 3 Message Specification RFC 2658 RTP Payload Format for PureVoice Audio RFC 2782 A DNS RR for specifying the location of services (DNS SRV) RFC 2806 TelURL RFC 2833 RTP Payload for DTMF Digits, Telephony Tones and Telephony Signals RFC 2854 The 'text/html' Media Type RFC 2915 The Naming Authority Pointer (NAPTR) DNS Resource Record RFC 2976 S
Dialogic® BorderNet™ 4000 SBC Product Description Document (Privacy Extensions) RFC 3326 The Reason Header Field for the SIP RFC 3329 Security Mechanism Agreement for SIP (Security Mechanism) RFC 3362 Real-time Facsimile (T.
Dialogic® BorderNet™ 4000 SBC Product Description Document RFC 3803 Content Duration MIME Header Definition RFC 3824 Using E.
Dialogic® BorderNet™ 4000 SBC Product Description Document Feedback (RTP/AVPF) RFC 4587 RTP Payload Format for H.261 Video Streams RFC 4588 RTP Retransmission Payload Format RFC 4598 Real-time Transport Protocol (RTP) Payload Format for Enhanced AC-3 (E-AC3) Audio RFC 4612 Real-Time Facsimile (T.38) - audio/t38 MIME Sub-type Registration RFC 4629 RTP Payload Format for ITU-T Rec. H.
Dialogic® BorderNet™ 4000 SBC Product Description Document ETSI es_282 003 RACS Functional Architecture (for call flows and usage of H.248) Media Handling Reference Specifications ITU-T H.248.37 IP NAPT Traversal Package ITU-T H.248.40 Inactivity Detection ITU-T H.248.43 Packages for gate ITU-T H.248.52 QoS Support Packages ITU-T H.248.
