# 1. - Oracle SBC - Basic Peer to Peer LAB

# 0.- Oracle SBC Peer to peer lab Introduction

The objective of this first series of entries is to setup an environment to be able to perform testing on a Oracle Session Border Controller.

SIP traffic will be generated using Linphone application on 2 remote hosts using Oracle SBC.

<table border="1" id="bkmrk-name-network-managem" style="border-collapse: collapse; width: 61.1111%; height: 119px;"><colgroup><col style="width: 44.5359%;"></col><col style="width: 55.4675%;"></col></colgroup><tbody><tr style="height: 29.8px;"><td class="align-center" style="height: 29.8px; vertical-align: middle;">**Name**  
</td><td class="align-center" style="height: 29.8px; vertical-align: middle;">**Network**  
</td></tr><tr style="height: 29.8px;"><td class="align-center" style="height: 29.8px; vertical-align: middle;">Management (Home Network)  
</td><td class="align-center" style="height: 29.8px; vertical-align: middle;">192.168.10.0/24  
</td></tr><tr style="height: 29.8px;"><td class="align-center" style="height: 29.8px; vertical-align: middle;">External  
</td><td class="align-center" style="height: 29.8px; vertical-align: middle;">192.168.11.0/24</td></tr><tr><td class="align-center" style="vertical-align: middle;">Internal  
</td><td class="align-center" style="vertical-align: middle;">192.168.12.0/24  
</td></tr></tbody></table>

Diagram representing our LAB

<div drawio-diagram="151"><img src="https://wiki.tinod.net/uploads/images/drawio/2023-04/Ie31z1pAWQoIn1Xy-drawing-1-1682568512.png" alt=""/></div>

<table border="1" id="bkmrk-device-interface-ip-" style="border-collapse: collapse; width: 92.0988%; height: 111.4px; border-width: 1px; border-style: ridge;"><colgroup><col style="width: 20%;"></col><col style="width: 20%;"></col><col style="width: 20%;"></col><col style="width: 20%;"></col><col style="width: 20%;"></col></colgroup><tbody><tr style="height: 29.8px;"><td style="height: 29.8px; border-width: 1px;">Device</td><td style="height: 29.8px; border-width: 1px;">Interface  
</td><td style="height: 29.8px; border-width: 1px;">IP  
</td><td style="height: 29.8px; border-width: 1px;">Gateway  
</td><td style="height: 29.8px; border-width: 1px;">Description  
</td></tr><tr style="height: 29.8px;"><td style="height: 29.8px; border-width: 1px;">OracleSBC  
</td><td style="height: 29.8px; border-width: 1px;">wancom0  
</td><td style="height: 29.8px; border-width: 1px;">192.168.10.100  
</td><td style="height: 29.8px; border-width: 1px;">192.168.10.1  
</td><td style="height: 29.8px; border-width: 1px;">SBC Management</td></tr><tr><td style="border-width: 1px;">OracleSBC</td><td style="border-width: 1px;">s0p0  
</td><td style="border-width: 1px;">192.168.11.100  
</td><td style="border-width: 1px;">192.168.11.1  
</td><td style="border-width: 1px;">SBC Internal</td></tr><tr><td style="border-width: 1px;">OracleSBC</td><td style="border-width: 1px;">s1p1  
</td><td style="border-width: 1px;">192.168.12.100  
</td><td style="border-width: 1px;">192.168.12.1  
</td><td style="border-width: 1px;">SBC External</td></tr><tr><td style="border-width: 1px;">VM1  
</td><td style="border-width: 1px;">enp1s0  
</td><td style="border-width: 1px;">192.168.10.21  
</td><td style="border-width: 1px;">192.168.10.1  
</td><td style="border-width: 1px;">VM1 Management</td></tr><tr><td style="border-width: 1px;">VM1  
</td><td style="border-width: 1px;">enp3s0  
</td><td style="border-width: 1px;">192.168.11.101  
</td><td style="border-width: 1px;">192.168.11.1  
</td><td style="border-width: 1px;">VM1 Internal</td></tr><tr><td style="border-width: 1px;">VM1  
</td><td style="border-width: 1px;">enp1s0  
</td><td style="border-width: 1px;">192.168.10.22  
</td><td style="border-width: 1px;">192.168.10.1  
</td><td style="border-width: 1px;">VM1 Management  
</td></tr><tr style="height: 29.8px;"><td style="border-width: 1px;">VM1  
</td><td style="border-width: 1px;">enp3s0  
</td><td style="height: 29.8px; border-width: 1px;">192.168.12.101  
</td><td style="height: 29.8px; border-width: 1px;">192.168.12.1  
</td><td style="height: 29.8px; border-width: 1px;">VM2 External</td></tr></tbody></table>

# 1. - Oracle SBC Initial configuration

Initial password acme

you will need to setup a new password

![image.png](https://wiki.tinod.net/uploads/images/gallery/2023-03/scaled-1680-/gsKimage.png)

en password is packet

![image.png](https://wiki.tinod.net/uploads/images/gallery/2023-03/scaled-1680-/rD0image.png)

enter setup product, press 1 to modify then 5 for sbc enterprise then s to save

[![image.png](https://wiki.tinod.net/uploads/images/gallery/2023-03/scaled-1680-/xJ5image.png)](https://wiki.tinod.net/uploads/images/gallery/2023-03/xJ5image.png)

enter command setup entitlements then 1 for session capacity enter 100 then save

![image.png](https://wiki.tinod.net/uploads/images/gallery/2023-03/scaled-1680-/8Umimage.png)

Select 2 to enable advance licenses then press s to save config

![image.png](https://wiki.tinod.net/uploads/images/gallery/2023-04/scaled-1680-/sClGofDPb2UIKIbY-image.png)

go to config t and setup bootparam

IP address to ssh remotely for management

```bash
(configure)# bootparam

'.' = clear field;  '-' = go to previous field;  q = quit

Boot File               : /boot/bzImage 
IP Address              : 192.168.10.100 
VLAN                    : 
Netmask                 : 255.255.255.0 
Gateway                 : 192.168.10.1 
IPv6 Address            : 
IPv6 Gateway            : 
Host IP                 : 
FTP username            : 
FTP password            : 
Flags                   : 
Target Name             : PCOSBC 
Console Device          : VGA 
Console Baudrate        : 115200 
Other                   : 

NOTE: These changed parameters will not go into effect until reboot. 
Also, be aware that some boot parameters may also be changed through
PHY and Network Interface Configurations.

```

After rebooting, SBC must show LabOSBC in the prompt name and must reply in the network.

configure options

```shell
(configure)# session-router 
(session-router)# sip-config 
(sip-config)# options +max
(sip-config)# options +max-udp-length=0
(sip-config)# options +reinvite-trying=yes
(sip-config)# options +sag-target-uri=ip
(sip-config)# enum-sag-match enabled
(sip-config)# extra-method-stats enable
(sip-config)# 
(sip-config)# done
sip-config

```

<details id="bkmrk-options-explained-th"><summary>Options explained</summary>

<div class="w-[30px] flex flex-col relative items-end"><div class="relative h-[30px] w-[30px] p-1 rounded-sm text-white flex items-center justify-center" style="background-color: rgb(16, 163, 127);"><svg class="h-6 w-6" fill="none" height="41" stroke-width="1.5" viewbox="0 0 41 41" width="41" xmlns="http://www.w3.org/2000/svg"></svg>  
</div></div>These are some configuration options for SIP (Session Initiation Protocol) on an Oracle SBC:

<div class="relative flex w-[calc(100%-50px)] flex-col gap-1 md:gap-3 lg:w-[calc(100%-115px)]"><div class="flex flex-grow flex-col gap-3"><div class="min-h-[20px] flex flex-col items-start gap-4 whitespace-pre-wrap"><div class="markdown prose w-full break-words dark:prose-invert dark">1. `options +max`: This command sets the maximum number of simultaneous sessions that the SBC can handle. The value can be any integer between 1 and 50000.
2. `options +max-udp-length=0`: This command sets the maximum UDP packet size to 0, which effectively disables UDP transport for SIP signaling. This can be useful for troubleshooting or for environments where UDP traffic is not allowed.
3. `options +reinvite-trying=yes`: This command enables the SBC to send 100 Trying responses to re-INVITE requests from the far-end UA (user agent). This is useful when the far-end UA sends re-INVITE requests without waiting for an answer to the previous request.
4. `options +sag-target-uri=ip`: This command sets the target URI for the SAG (Session Agent) to the IP address of the SBC. This is useful when the SAG and SBC are on different networks and the SAG needs to know the IP address of the SBC.
5. `enum-sag-match enabled`: This command enables the ENUM (Electronic Numbering) feature on the SBC. ENUM is a protocol that maps telephone numbers to IP addresses, allowing SIP calls to be routed more efficiently.
6. `extra-method-stats enable`: This command enables additional SIP method statistics to be collected by the SBC. This can provide more detailed information on SIP traffic patterns and help with troubleshooting.

</div></div></div></div></details>Toggle to display options

<details id="bkmrk-options-state-%C2%A0-%C2%A0-%C2%A0-"><summary>Options</summary>

state enabled  
 operation-mode dialog  
 dialog-transparency enabled  
 home-realm-id   
 egress-realm-id   
 auto-realm-id   
 nat-mode None  
 registrar-domain   
 registrar-host   
 registrar-port 0  
 register-service-route always  
 init-timer 500  
 max-timer 4000  
 trans-expire 32  
 initial-inv-trans-expire 0  
 invite-expire 180  
 session-max-life-limit 0  
 inactive-dynamic-conn 32  
 enforcement-profile   
 pac-method   
 pac-interval 10  
 pac-strategy PropDist  
 pac-load-weight 1  
 pac-session-weight 1  
 pac-route-weight 1  
 pac-callid-lifetime 600  
 pac-user-lifetime 3600  
 red-sip-port 1988  
 red-max-trans 10000  
 red-sync-start-time 5000  
 red-sync-comp-time 1000  
 options max-udp-length=0  
 reinvite-trying=yes  
 sag-target-uri=ip  
 spl-options   
 add-reason-header disabled  
 sip-message-len 4096  
 enum-sag-match enabled  
 extra-method-stats enabled  
 extra-enum-stats disabled  
 mps-volte disabled  
 rph-feature disabled  
 nsep-user-sessions-rate 0  
 nsep-sa-sessions-rate 0  
 registration-cache-limit 0  
 register-use-to-for-lp disabled  
 refer-src-routing disabled  
 add-ucid-header disabled  
 proxy-sub-events   
 allow-pani-for-trusted-only inherit  
 atcf-stn-sr   
 atcf-psi-dn   
 atcf-route-to-sccas disabled  
 eatf-stn-sr   
 pass-gruu-contact disabled  
 sag-lookup-on-redirect disabled  
 set-disconnect-time-on-bye disabled  
 refer-reinvite-no-sdp disabled  
 msrp-delayed-bye-timer 15  
 transcoding-realm   
 transcoding-agents   
 create-dynamic-sa disabled  
 node-functionality P-CSCF  
 match-sip-instance disabled  
 sa-routes-stats disabled  
 sa-routes-traps disabled  
 rx-sip-reason-mapping disabled  
 add-ue-location-in-pani inherit  
 hold-emergency-calls-for-loc-info 0  
 retry-after-upon-offline 0  
 reg-reject-response-upon-offline 503  
 hold-invite-calls-for-loc-info 0  
 cache-loc-info-expire 32  
 msg-hold-for-loc-info 0  
 npli-upon-register inherit  
 start-hold-timer-event AAR  
 hist-to-div-for-cause-380 inherit  
 anonymize-history-for-untrusted disabled  
 asymm-preconditions-evs-swb-support disabled  
 sms-report-timeout 32  
 user-agent

</details>config continue

```shell
(sip-config)# exit     
(session-router)# exit
(configure)# media-manager 
(media-manager)# media-manager 
(media-manager-config)# select
(media-manager-config)# options active-arp
(media-manager-config)# 
(media-manager-config)# done

```

<details id="bkmrk-media-manager-option"><summary>Media Manager options</summary>

media-manager  
 state enabled  
 latching enabled  
 flow-time-limit 86400  
 initial-guard-timer 300  
 subsq-guard-timer 300  
 tcp-flow-time-limit 86400  
 tcp-initial-guard-timer 300  
 tcp-subsq-guard-timer 300  
 tcp-number-of-ports-per-flow 2  
 hnt-rtcp disabled  
 algd-log-level NOTICE  
 mbcd-log-level NOTICE  
 options active-arp  
 red-flow-port 1985  
 red-mgcp-port 1986  
 red-max-trans 10000  
 red-sync-start-time 5000  
 red-sync-comp-time 1000  
 media-policing enabled  
 max-arp-rate 10  
 max-signaling-packets 0  
 max-untrusted-signaling 100  
 min-untrusted-signaling 30  
 dos-guard-window 5  
 untrusted-minor-threshold 0  
 untrusted-major-threshold 0  
 untrusted-critical-threshold 0  
 trusted-minor-threshold 0  
 trusted-major-threshold 0  
 trusted-critical-threshold 0  
 arp-minor-threshold 0  
 arp-major-threshold 0  
 arp-critical-threshold 0  
 tolerance-window 30  
 untrusted-drop-threshold 0  
 trusted-drop-threshold 0  
 acl-monitor-window 30  
 trap-on-demote-to-deny disabled  
 trap-on-demote-to-untrusted disabled  
 syslog-on-demote-to-deny disabled  
 syslog-on-demote-to-untrusted disabled  
 rtcp-rate-limit 0  
 anonymous-sdp disabled  
 rfc2833-timestamp disabled  
 reactive-transcoding disabled  
 default-2833-duration 100  
 rfc2833-end-pkts-only-for-non-sig enabled  
 translate-non-rfc2833-event disabled  
 media-supervision-traps disabled  
 dnsalg-server-failover disabled  
 syslog-on-call-reject disabled  
 xcode-fax-max-rate 14400

</details>Interface-mapping show

```shell
# interface-mapping show
Interface Mapping Info
-------------------------------------------
Eth-IF  MAC-Addr                Label
wancom0 52:54:00:0D:A0:DE       #generic
wancom1 52:54:00:DC:CF:FA       #generic
s0p0    52:54:00:5B:02:C1       #generic
wancom2 FF:FF:FF:FF:FF:FF       #dummy
spare   FF:FF:FF:FF:FF:FF       #dummy
s1p0    FF:FF:FF:FF:FF:FF       #dummy
s0p1    FF:FF:FF:FF:FF:FF       #dummy
s1p1    FF:FF:FF:FF:FF:FF       #dummy
s0p2    FF:FF:FF:FF:FF:FF       #dummy
s1p2    FF:FF:FF:FF:FF:FF       #dummy
s0p3    FF:FF:FF:FF:FF:FF       #dummy
s1p3    FF:FF:FF:FF:FF:FF       #dummy

```

In case of an incorrect interface mapping between the VM settings with the interfaces in the Oracle SBC use the following command to swap the MAC addresses. Important note, any swap change requires a reboot of the virtual Oracle SBC.

<p class="callout info">Below screenshot its using linux KVM Virtual Machine Manager  
</p>

![image.png](https://wiki.tinod.net/uploads/images/gallery/2023-03/scaled-1680-/pDar7ykuHde0uwuw-JKBimage.png)

```bash
# interface-mapping show
Interface Mapping Info
-------------------------------------------
Eth-IF  MAC-Addr                Label
wancom0 52:54:00:0D:A0:DE       #generic
wancom1 52:54:00:DC:CF:FA       #generic
s0p0    52:54:00:5B:02:C1       #generic
wancom2 FF:FF:FF:FF:FF:FF       #dummy
spare   FF:FF:FF:FF:FF:FF       #dummy
s1p0    FF:FF:FF:FF:FF:FF       #dummy
s0p1    FF:FF:FF:FF:FF:FF       #dummy
s1p1    FF:FF:FF:FF:FF:FF       #dummy
s0p2    FF:FF:FF:FF:FF:FF       #dummy
s1p2    FF:FF:FF:FF:FF:FF       #dummy
s0p3    FF:FF:FF:FF:FF:FF       #dummy
s1p3    FF:FF:FF:FF:FF:FF       #dummy

# interface-mapping swap
Error: Missing label text!
# interface-mapping swap wancom0 wancom1
Interface Mapping Info after swapping
-------------------------------------------
Eth-IF  MAC-Addr                Label
wancom0 52:54:00:DC:CF:FA       #generic
wancom1 52:54:00:0D:A0:DE       #generic
s0p0    52:54:00:5B:02:C1       #generic
wancom2 FF:FF:FF:FF:FF:FF       #dummy
spare   FF:FF:FF:FF:FF:FF       #dummy
s1p0    FF:FF:FF:FF:FF:FF       #dummy
s0p1    FF:FF:FF:FF:FF:FF       #dummy
s1p1    FF:FF:FF:FF:FF:FF       #dummy
s0p2    FF:FF:FF:FF:FF:FF       #dummy
s1p2    FF:FF:FF:FF:FF:FF       #dummy
s0p3    FF:FF:FF:FF:FF:FF       #dummy
s1p3    FF:FF:FF:FF:FF:FF       #dummy


Changes could affect service, and Requires Reboot to become effective.

Continue [y/n]?: 

```

show arp and ping gateway

```bash
# show arp
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.1     0x1         0x2         7c:2b:e1:13:be:3d     *        wancom0
192.168.10.10    0x1         0x2         f0:2f:74:20:1a:17     *        wancom0

                Total L2 Entries = 0
                -----------------------
No Gateway Entries (0)
# ping 192.168.10.1
PING 192.168.10.1 from wancom0:1

44 bytes from 192.168.10.1: icmp_seq=1 ttl=64 time=0.183 ms
44 bytes from 192.168.10.1: icmp_seq=2 ttl=64 time=0.158 ms
44 bytes from 192.168.10.1: icmp_seq=3 ttl=64 time=0.211 ms
44 bytes from 192.168.10.1: icmp_seq=4 ttl=64 time=0.209 ms

4 packets transmitted, 4 received, 0% packet loss

```

# 2. - Oracle SBC - Virtual Machines for testing

We need to deploy 2 virtual machines in order to test communication between phones via Oracle SBC

we will not go over the deployment, feel free to choose any distribution, for this lab we are using Lubuntu. (feel free to use windows if needed) visit [https://www.linphone.org/](https://www.linphone.org/) to download.

first we need to update our distro and install necessary tools

sudo apt-get update

sudo apt-get install wireshark (make sure you allow non-superusers to capture packets)

[![image.png](https://wiki.tinod.net/uploads/images/gallery/2023-04/scaled-1680-/5fPeNeDLj0BJ9w5N-image.png)](https://wiki.tinod.net/uploads/images/gallery/2023-04/5fPeNeDLj0BJ9w5N-image.png)

next we will add linphone repository and install linphone

***sudo add-apt-repository ppa:linphone/release***

***sudo apt-get update***

***sudo apt-get install linphone -y***

Last step is to manually assign IP address to our interfaces, example below is for VLAN 1 we are using

enp1s0 - 192.168.10.21

enp3s0 - 192.168.11.101

```bash
csr@vm1:~$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 52:54:00:1b:aa:1f brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.21/24 brd 192.168.10.255 scope global noprefixroute enp1s0
       valid_lft forever preferred_lft forever
    inet6 fe80::9fdc:3b2e:a4a9:29af/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 52:54:00:c7:c9:c5 brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.30/24 brd 192.168.10.255 scope global dynamic noprefixroute enp2s0
       valid_lft 6425sec preferred_lft 6425sec
    inet6 fe80::a096:1c9d:9db0:f414/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
4: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 52:54:00:0e:0c:17 brd ff:ff:ff:ff:ff:ff
    inet 192.168.11.101/24 brd 192.168.11.255 scope global noprefixroute enp3s0
       valid_lft forever preferred_lft forever
    inet6 fe80::d0ef:196b:c26b:f50d/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

```

ping all gateways to validate connectivity.

```bash
csr@vm1:~$ ping 192.168.10.1
PING 192.168.10.1 (192.168.10.1) 56(84) bytes of data.
64 bytes from 192.168.10.1: icmp_seq=1 ttl=64 time=0.249 ms
64 bytes from 192.168.10.1: icmp_seq=2 ttl=64 time=0.203 ms
^C
--- 192.168.10.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1004ms
rtt min/avg/max/mdev = 0.203/0.226/0.249/0.023 ms
csr@vm1:~$ ping 192.168.11.1
PING 192.168.11.1 (192.168.11.1) 56(84) bytes of data.
64 bytes from 192.168.11.1: icmp_seq=1 ttl=64 time=0.436 ms
64 bytes from 192.168.11.1: icmp_seq=2 ttl=64 time=0.244 ms
^C
--- 192.168.11.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1021ms
rtt min/avg/max/mdev = 0.244/0.340/0.436/0.096 ms
csr@vm1:~$ ping 192.168.12.1
PING 192.168.12.1 (192.168.12.1) 56(84) bytes of data.
64 bytes from 192.168.12.1: icmp_seq=1 ttl=64 time=0.271 ms
64 bytes from 192.168.12.1: icmp_seq=2 ttl=64 time=0.268 ms
^C
--- 192.168.12.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1023ms
rtt min/avg/max/mdev = 0.268/0.269/0.271/0.001 ms

```