Top

Getting started

Danger, Warning, Caution, and Note Definitions

Danger: Indicates a hazardous situation which, if not avoided, will result in death or serious injury.
Warning: Indicates a hazardous situation which, if not avoided, could result in death or serious injury.
Caution: Indicates a hazardous situation which, if not avoided, could result in minor or moderate injury or damage to property or equipment.
Note: Indicates important information not related to personal injury.

Top

Logon

Logging on to the Mediatrix Unit Web Interface

Before you begin
The computer IP address must be in the same TCP/IP network as the Mediatrix unit.
About this task
For better performances, it is recommended to use the latest available version of Microsoft Internet Explorer, Google Chrome, or Mozilla Firefox.
Note: You may not be able to log on to the Mediatrix unit Web interface if you are using older browser versions.
Procedure
  1. In your Web browser, enter the IP address at which the Web interface of your Mediatrix unit can be reached.
    • If your network has an IPv4 DHCP server, connect the primary Ethernet port of the Mediatrix unit to the network (ETH1 port), use the provided DHCP server IP address.
    • You can also connect your computer to the secondary Ethernet port of the Mediatrix unit (ETH2), use the 192.168.0.10 IP address. however, the computer must also own an IP address in the 192.168.0.0/24 network.
  2. Enter admin as your username and administrator as the password.
    Note: You can also use public as a username and leave the password field empty. it has the full administration rights by default.
  3. Click Login.
Results
The Information page of the Web interface is displayed.

Top

Mediatrix Unit Reset

Basic Reset Concepts

Partial Reset

The partial reset provides a way to contact the Mediatrix unit in a known and static state while keeping most of the configuration unchanged.

A partial reset can be performed at the initial start-up of the Mediatrix unit or on a unit already in use where the configuration was modified in such a way that the user can no longer access the system by the Web page or otherwise. In both cases, the user can manage the Mediatrix unit through its Rescue interface, which is bound to the unit's WAN port (wan for the Mediatrix 4102S, and ETH1 for all other Mediatrix units). The IP address of the Rescue interface is 192.168.0.1 (IPv4) or an IPv6 Link Local address.. These connections give access to the Rescue Management Interface where the configuration of a new unit can be completed and where an existing configuration can be modified.

By default the Rescue Network Interface is disabled. When a partial reset is performed, the Rescue network Interface becomes enabled and the "Power" and "Ready" LEDs are blinking at 1Hz with 75% duty and all other LEDs are off. Once the configuration has been modified to solve the problem that required the partial reset, it is important to disable the Rescue Network Interface to make sure that you are no longer working in the Rescue Network Interface.

Performing a partial reset on a new unit will not modify the configuration, as it has not yet been modified to your needs. However, a partial reset performed on a unit already in use will:
  • Rollback Local Firewall settings that are not yet applied.
  • Add a Local Firewall rule to allow complete access to the Rescue interface.
  • Rollback NAT settings that are not yet applied.
  • Add NAT rule to allow complete access to the Rescue interface.
  • Cancel the changes that were being modified but not yet applied to the configuration.
  • Disable any Network Interface in conflict with the Network Rescue Interface.
  • Configure and enable the Rescue Network Interface to:
    • use the link as the default value used by the Uplink Network Interface
    • set the IP address to 192.168.0.1 and the Network Mask to 255.255.255.0.
    • set the IPv6 link-local address on all network links. The IPv6 link-local address can be found underneath the unit.
A partial reset will also modify the following parameters and preserve the values below even after the Rescue interface has been disabled.
Note: These changes are valid when using a MX profile. If the Mediatrix unit is not using a MX profile, the default values and therefore the behaviour of the parameters may be different.
Service Parameter Default Value
AAA Users.Password User(s) from profile are restored with their factory password. All other usernames keep their password.
Users.AccessRights User(s) from profile are restored with their factory rights.
ServicesAaaType (table) Each service will be configured to use Local authentication and no accounting mechanism.
CLI EnableTelnet Disable
TelnetPort 23
EnableSsh Enable
SshPort 22
InactivityTimeOut 15
HOC ManagementInterface Rescue
SNMP Port 161
EnableSnmpV1 Enable
EnableSnmpV2 Enable
EnableSnmpV3 Enable
Web ServerPort 80
SecureServerPort 443

Top

Factory Reset

The Factory reset reverts the Mediatrix unit back to its default factory settings.

It deletes the persistent configuration parameters of the unit, including:
  • User files stored in the File service
  • Certificates, except for factory installed ones
  • Log files of the File service
The Factory reset should be performed with the Mediatrix unit connected to a network with access to a DHCP server. If the unit cannot find a DHCP server, it will sent requests indefinitely. A Factory Reset can be triggered either:
  • Directly on the unit. Refer to Performing a Factory Reset.
  • Via the web interface of the Mediatrix unit (Management/Firmware Upgrade).
  • Via the Command Line Interface of the Mediatrix unit by using the fpu.defaultsetting parameter.

Top

RESET/DEFAULT Button

The Reset/Default button is a switch that can be used to perform a partial or factory reset while the unit is running.

In other words, the Reset/Default button can be used to:
  • Cancel an action that was started.
  • Revert to known factory settings if the Mediatrix unit refuses to work properly for any reason or the connection to the network is lost.
  • Reconfigure a unit.
The Reset/Default button will generate different actions depending on the amount of time the button is held.
IMPORTANT: It is the LED pattern that will indicate the action that is being applied to the unit. The action will occur more or less rapidly depending on the platform.
LED Pattern Action Comment
Power1 blinking, all other LEDs OFF Restarts the Mediatrix unit. No changes are made to the Mediatrix unit settings.
All LEDs blinking, 1cycle per second, 50% duty Initiates a Partial Reset of the Mediatrix unit.
Note: The partial reset is optional as it can be disabled with the CLI Hardware.ResetButtonManagement parameter. For more details, refer to the DGW Configuration Guide - Reference Guide published on the Media5 documentation portal at https://documentation.media5corp.com/
Restarts the unit in a known and static state while keeping most of the configuration unchanged.
All LEDs steady ON Initiates a Factory Reset of the Mediatrix unit. Reverts the unit back to its default factory settings.
All LEDs will become OFF after blinking and being steady on. No action is taken. This is useful if you accidentally pushed the button and do not need and action to be applied. The action is ignored.

Top

Basic Reset Tasks

Performing a Partial Reset

Before you begin
Note: It is not recommended to access the unit on a regular basis through the Rescue Network Interface.
Important: Make sure the unit is connected to the WAN port, as the Rescue interface is bound to the unit's WAN port (wan for the Mediatrix 4102S, and ETH1 for all other Mediatrix units). The IP address of the Rescue interface is 192.168.0.1 (IPv4) or an IPv6 Link Local address.
Procedure
  1. When the Power LED is steady or blinking rapidly, insert a small unbent paper clip into the hole of the Reset/Default button located on the Mediatrix unit.
    Note: The Power LED will start blinking.
  2. Wait a few seconds.
  3. When all LEDs are blinking, but before they stop blinking, remove the paper clip.
    Note: You have between 7 to 11 seconds.
Results

The Rescue Network Interface is displayed when accessing the Management Interface. Several parameters and services are modified, refer to Partial Reset. Do not forget to perform the Disabling the Rescue Interface step.


Top

Disabling Partial Reset - ResetButtonManagement

Steps
  1. Open CLI (Command Line Interface).
  2. Set ResetButtonManagement to DisablePartialReset.
Result
The Mediatrix unit will no longer partially reset the unit.

Top

Performing a Factory Reset

Context
The Factory reset alters any persistent configuration data of the Mediatrix unit.
Steps
  1. Insert a small, unbent paper clip into the hole of the Reset/Default button, located on the Mediatrix unit.
    Note: Do not release the Reset/Default button before the LEDs stop blinking and are steadily ON. This can last from 12 to 16 seconds. If you leave the inserted pin longer, no action will be taken which is useful if you accidentally pushed the button and do not need any action to be applied.
  2. Release the paper clip.
Result
All configuration parameters are reset to their default value. The unit can then be contacted via its WAN interface DHCP-provided IP address (ETH1 or WAN on the 4102S), or via its LAN interface default IP address 192.168.0.10 (ETH2 or LAN on the 4102S).

Top

Personnal Data Usage and Protection

Personal Data Exposure

Personal Data Collection

Mediatrix products collect the basic personal data required for the proper delivery of the telecommunication service. The actual collected data depends on the type of users and how the Mediatrix products are administrated.

Type of users Collected Personal Information Collected Activity Information
End-Users Name and phone number used to register to the telecommunication provider service. Calls history for billing purposes and call details and recordings for troubleshooting purposes. For example:
  • Call date/time and duration
  • IP address
  • Voice or video stream
  • Fax or modem data stream
  • In-call digits dialled (DTMF)
  • E911 geo-localisation
  • Voicemail PIN
  • etc.
System Administrators and Technical Support Account name and password used to access the product for administrative and troubleshooting purposes.
  • Logs of the administration and troubleshooting activities.
  • Audit trails of the administration and troubleshooting activities.

Top

Personal Data Processing

Personal data is processed in Mediatrix products through the following activities:

  • Configuring and storing end-user data
  • Recording voice and fax calls
  • Logging call history (CDR)
  • Logging administration audit trails
  • Access of the personal data by an authorised system administrator
  • Provisioning data
  • Maintenance, administration and technical support records
  • Audit trails
  • End-user activity records
  • End-User personal content
  • Recording voice and fax calls for troubleshooting

Top

Personal Data Transfers

The following collected personal data may be transferred to other systems, depending on how the device administrators configure the Mediatrix products.

  • Call Details Records (CDR) may be sent to an external call accounting system.
  • Logs may be sent over an external monitoring system for live troubleshooting.
  • Administration activity logs may be sent over an external monitoring system for auditing.
  • Backups of the Mediatrix products, containing collected personal data, may be retrieved by an authorised system administrator.
  • Network captures from the Mediatrix products, containing collected personal data, may be retrieved by an authorised system administrator for troubleshooting purposes.

Top

Personal Data Protection

System and Data Protection

To protect the end-user personal data stored inside the Mediatrix devices, the device administrator should control and restrict access to the management interfaces by:

  • Forcing the use of a strong authentication password
  • Authorising LAN access only
  • Using the device firewall service to limit the remote access to the device to only authorized peers and authorised services
  • Using an external firewall
  • Enabling IEEE 802.1x authentication of Ethernet link

The device administrator may also enforce the use of encryption and authentication for a secure administration of the Mediatrix devices:

  • Authenticated Management Interfaces:
    • Web Interface: HTTPS with trusted certificates
    • CWMP: HTTPS with trusted certificates
    • CLI: SSH
  • Secure Management Operations:
    • Consult or retrieve the stored personal data: HTTPS with trusted certificates
    • Provisioning: HTTPS with trusted certificates
    • Firmware upgrades: HTTPS with trusted certificates
    • Backup/restore: HTTPS with trusted certificates

Top

Communications Protection (VoIP Calls)

The device administrator may configure the encryption of the data that transits through Mediatrix products:

  • Call signalling: SIP over TLS with trusted certificates
  • Media packets: SRTP

Top

Access and Communications

The Mediatrix products have three (3) default account roles:
  • Administrator
  • User (no password access)
  • Observer (read-only)

All the management interfaces are restricted to authorised accounts only, verified by username and password. Refer to the System and Data Protection section for the list of management interfaces and how to protect them.

The account credentials may be stored locally in the Mediatrix devices or in an external RADIUS authentication server.

In all cases, the device administrator should restrict the physical access to the Mediatrix products.


Top

Data Deletion

The Mediatrix products allow an authorised system administrator to delete end-user registration information (name and number).

A system administrator should also delete any temporary logs that may have been stored locally during a troubleshooting session such as:
  • call history
  • call recordings
  • network captures

A factory reset can be performed by a system administrator to revert a Mediatrix device back to its default factory state through a factory reset, thus erasing all the collected data and configuration.


Top

Audit

Audit trail logs of the system administrator activities may be enabled by the device administrator. These audit logs may be temporarily stored locally or sent through syslog to an external monitoring system.


Top

Management Interfaces




Top

IPv6

Basic IPv6 Concepts

IPv6

IPv6 (Internet Protocol version 6) is the successor to the most common Internet Protocol today (IPv4).

This is largely driven by the fact that IPv4 32-bit addresses are quickly being consumed by the ever-expanding sites and products on the Internet. IPv6 128-bit address space should not have this problem for the foreseeable future.

IPv6 addresses, in addition to being longer, are distinguished from IPv4 addresses by the use of colons ":", e.g. 2001:470:8929:4000:201:80ff:fe3c:642f. An IPv4 address is noted by 4 sets of decimal numbers separated by periods ".", e.g. 192.168.10.1.

Please note that IPv6 addresses should be written between [ ] to allow port numbers to be set.

For instance, [fd0f:8b72:5::1]:5060.


Top

IPv6 Availability

DGW supports IPv6 except for:
  • CPE WAN Management Protocol (CWMP)/TR-069
  • DHCP embedded sever
  • IP Routing
  • Local Firewall (LFW)
  • Network Firewall (NFW)
  • Network Address Translation (NAT)
  • Online Certificate Status Protocol (OSCP)
  • Remote Authentication Dial In User Services (RADIUS)
  • Session Border Controller (SBC)
  • Simple Network Management Protocol (SNMP)
  • PPPoE

Top

IPv6 link-local Addresses

IPv6 link-local addresses start with fe80 and must include the scope identifier

Therefore, the format of a link-local address is: [IPv6 link-local%ScopeIdentifier].

The scope identifier corresponds to:
  • On Windows: the network link used to contact the IPv6 link-local address.
  • On Linux: the link name or the interface number.

For example, if the unit must contact a server at the IPv6 link-local fe80::201:80ff:fe3c:642f address, you must check on which network link the server is available. Some units have WAN or LAN. If it is on the WAN link, the IP address would then be "[fe80::201:80ff:fe3c:642f%wan]".


Top

IPv6 Basic Tasks

Locating the Scope Identifier of fe80 IPv6 Addresses on Windows

Context
IMPORTANT: If the Mediatrix unit is configured to use IPv6 addresses and the firmware is downgraded to a version that does not support IPv6, then all IPv6 networks are deleted.
Steps
  1. Open the Windows Command Line interface.
  2. Type ipconfig.
  3. Locate the IPv6 address.
    Note: The IPv6 address starts with fe80.
  4. Locate the interface number in the IPv6 address.
    Note: the interface number is at the end of the address, after the %.
Result
In the following example, the interface number of the [fe80::201:80ff:fe3c:642f%4] IPv6 address is 4.


Top

Locating the Scope Identifier of fe80 IPv6 Addresses on Linux

Context
IMPORTANT: If the Mediatrix unit is configured to use IPv6 addresses and the firmware is downgraded to a version that does not support IPv6, then all IPv6 networks are deleted.
Steps
  1. Open the Linux Command Line interface.
  2. Type ipconfig.
  3. Locate the IPv6 address.
    Note: The IPv6 address starts with fe80.
  4. Locate the interface number in the IPv6 address.
Result
In the following example, to contact the IPv6 link-local IPv6 address "fe80::201:80ff:fe3c:642f", you would use: [fe80::201:80ff:fe3c:642f%2] or [fe80::201:80ff:fe3c:642f%eth0].


Top

Naming Conventions

When defining a name for a parameter, only ascii characters are authorised.

This is valid when defining a name for a parameter in a Web Page of the Management interface, but also for parameters accessed via the CLI, the MIB, or a script.

For example, to be valid, the Service Name defined during PPPoE configuration must only contain ascii characters. Special characters such as " " (space), """ (double quote), "“" (left double quote), "‘" (left single quote), "#", "£", "¢", "¿", "¡", "«", "»" will cause the system to display a syntax error message.


Top

ASCII Special Characters

The DGW v2.0 Application does not support ASCII special characters higher than 127.

Top

Unit Macros

Macro Description
%mac% the MAC address of the unit
%version% the MFP version of the unit (firmware version)
%product% the Product name of the unit
%productseries% the Product series name of the unit.

Top

Command Line Interface (CLI)

CLI Basic Concept

Command Line Interface (CLI)

The Command Line Interface (CLI) provides an access to interactively configure all the Mediatrix unit parameters.

The CLI is accessed through either a secure SSH session (default) or an unsecure TELNET session. When using a secure SSH session, all communications between Client and server are encrypted before being sent over the network, thus packet sniffers are unable to extract user names, passwords, and other potentially sensitive data. This is the default and recommended way to access the Command Line Interface.

The command interpreter interface of the CLI allows the user to browse the unit parameters, write the command lines, and display the system's notification log.


Top

CLI Basic Tasks

Creating the Telnet Session Activation Configuration Script

Steps
  1. Open a text editor.
  2. Copy and paste the text included in the following Result section.
    Note: If necessary, you can customise the value of the Cli.InactivityTimeOut and Cli.TelnetPort parameters.
  3. Save the file as telnet.cfg
Result
The configuration script to enable Telnet sessions is created but needs to be imported to the unit.


Top

Accessing the CLI via a Telnet Session

Context
IMPORTANT: Remember that when using a Telnet session to access the CLI, communications between Client and server are not secured, thus packet sniffers are able to extract user names, passwords, and other potentially sensitive data. Therefore, Media5 Corporation strongly recommends using an SSH session.
Before you begin
Your unit must be properly connected. Refer to the Hardware Installation Guide of your unit published on the Media5 documention portal at https://documentation.media5corp.com/
Steps
  1. Start your Telnet Client.
  2. Enter the IP address of your unit.
  3. Enter the port number 23.
  4. Select Telnet as the connection type.
  5. When prompted for login, enter your login userrname (Default usernames are public or admin).
  6. Enter your login password (for the default admin usrname, the password is administrator, for the public username, no password is required).
    Note: If you are accessing the unit through the CLI for the first time or after a factory reset, you may be presented with a warning message regarding the unit’s identification. You can accept the message and continue.
Result
After you have successfully connected to the Mediatrix unit by using a Telnet session, you can start using the CLI to configure the Mediatrix unit. For more details on the scripting language, refer to the DGW Configuation guide - Configuration Scripting Language Syntax published on the Media5 documentation portal at https://documentation.media5corp.com/.

Top

Accessing the CLI via an SSH Session

Before you begin
Your unit must be properly connected. Refer to the Hardware Installation Guide of your unit published on the Media5 documention portal at https://documentation.media5corp.com/
Context
This is the recommended way to access the CLI.
Steps
  1. Start your SSH Client.
  2. Enter the IP address of your unit.
  3. Use the SSH default port number, i.e. 22 unless, you have previously changed it in the DGW Web interface under Management/Misc.
  4. Select SSH as the connection type.
  5. When prompted for login, enter your login userrname (Default usernames are public or admin ).
  6. Enter your login password (for the default admin username, the password is administrator, for the public username, no password is required).
    Note: If you are accessing the unit through the CLI for the first time or after a factory reset, you may be presented with a warning message regarding the unit’s identification. You can accept the message and continue.
Result
After you have successfully connected to the Mediatrix unit by using an SSH session, you can start using the CLI to configure the Mediatrix unit. For more details on the scripting language, refer to the DGW Configuation guide - Configuration Scripting Language Syntax published on the Media5 documentation portal at https://documentation.media5corp.com/.

Top

File Servers

Configuring the FTP Server

Before you begin
If you are not familiar with the procedure on how to set the FTP root path, please refer to your FTP server's documentation.
Context

Perform this procedure if you plan to use the FTP transport protocol.

Steps
  1. Set an FTP service on the assigned server.
  2. Make sure the FTP server can be reached by the Mediatrix unit.
    Note: If the file server is located behind a firewall, make sure that TCP port 21 is open.

Top

Configuring the HTTP Server

Before you begin
If you are not familiar with the procedure on how to set the HTTP root path, refer to your HTTP server's documentation.
Context
Perform this procedure if you plan to use the HTTP transport protocol.
Steps
  1. Set an HTTP service on the assigned server.
  2. Make sure the HTTP server can be reached by the Mediatrix unit.
    Note: If the file server is located behind a firewall, make sure the TCP port 80 is open.

Top

Configuring the HTTPS Server

Before you begin
If you are not familiar with the procedure on how to set the HTTPS root path, please refer to your HTTPS documentation.

Make sure the unit is set to the proper date (refer to Configuring the Mediatrix Unit to Use an SNTP Server.

Context
Perform this procedure if you plan to use the HTTPS transport protocol.
Steps
  1. Set an HTTPS service on the assigned server.
  2. Make sure the HTTPS server can be reached by the Mediatrix unit.
    Note: If the file server is located behind a firewall, make sure the TCP port 443 is open.
  3. Make sure that in the Management/Certificates tab, in the Certificate Import Through Web Browser table, there is a certificate that authenticates the HTTPS server selected in the Path field, and that Other is selected in the Type field.
  4. Set the configuration parameters.

Top

Configuring the TFTP Server

Before you begin
If you are not familiar with the procedure on how to set the TFTP root path, please refer to your TFTP server's documentation.
Context
Perform this procedure if you plan to use the TFTP transport protocol.
Steps
  1. Set a TFTP service on the assigned server.
  2. Make sure the TFTP server can be reached by the Mediatrix unit.
    Note: If the file server is located behind a firewall, make sure the UDP port 69 is open.

Top

Bypass Feature (4402plus/4404plus Models)

In the event of a power failure or network failure, the optional bypass feature permits users to make and receive calls even when the Mediatrix unit is not operating.

The Mediatrix unit BRI 1 and BRI 2 connectors may either act as a SCN bypass. For instance, if you decide to connect a SCN line into the BRI 2 connector, you can use a BRI telephone connected into the BRI 1 connector to make calls. Furthermore:
  • The connector on which the SCN line is connected must be configured as a TE.
  • The other connector must be configured as a NT.
Refer to the Software Configuration Guide for more details on how to configure the line type.

During normal operation, the direct connection between the BRI 1 and BRI 2 connectors is switched out through commuting relays and both ports resume normal functions. When power is removed from the Mediatrix unit, the relay setting is restored to a connected state and the SCN line can be used as an emergency line. Consequently, a BRI telephone used on the other port is directly connected to this SCN line. When the power is restored, this automatically removes the Bypass connection; this means that any ongoing call on the Bypass connection is terminated.


Top

System

Information

Activating a Licence Using the Web Interface

Before you begin
You must have received the licence key for your specific unit .
Steps
  1. Go to System/Information.
  2. In the Activate Licence table, enter your licence key.
    Note: A licence key is generated for one specific unit only, therefore it cannot be used on another unit.
  3. Click Apply.
  4. Validate that the Licences table now displays the Licences.
  5. At the top of the screen, restart required services.
Result



Top

Services

Basic Service Concepts

Services

The Mediatrix unit uses many services to carry out tasks and support features.

The are two types of services:
  • system services : You cannot perform service commands on system services. The service is restarted by using the Reboot button located under the Reboot tab of the DGW Web interface.
    Note: If the unit is in use when clicking Reboot, all calls are terminated.
  • user services: You can perform service commands on user services. The service is restarted by using the start
button located under the Services tab of the DGW Web interface, next to the service.
Note: Available services may differ depending on the Mediatrix unit you are using. Available services are displayed on the DGW Web page, under System/Services.

When a service needs to be restarted, the restart required services is systematically displayed. If you are not able to restart a service because it is a system service, click the Reboot link in the top menu. The Reboot page then opens. You must click Reboot. This restarts the Mediatrix unit. If the unit is in use when you click Reboot, all calls are terminated

Services can also be restarted via the CLI using the Scm.ServiceCommandsRestart parameter.


Top

System Services vs User Services

The Mediatrix unit uses many services to carry out tasks and support features.

There are 3 service commands that can be used:
  • Start
  • Stop
  • Restart
The are two types of services:
Note: Available services may differ depending on the Mediatrix unit you are using. Furthermore, some services are available only if a licence has been installed. Available services are displayed on the DGW Web page, under System/Services.

When a system or a user service needs to be restarted, the Some changes require to restart a service to apply new configuration message is systematically displayed on the DGW Web pages. Also, every service has the NeedRestartInfo CLI/MIB parameter to indicate if the service needs to be restarted for the configuration to fully take effect.

Note: For the complete list of parameters and commands available for the configuration of each service, refer to the DGW Configuration Guide - Reference Guide published on the Media5 documentation portal at https://documentation.media5corp.com/.

Top

DGW User Services

User Service Description
Basic Network Interface (Bni) Manages the layer 3 network interfaces.
Call Detail Record (Cdr) Allows the administrator to generate custom call notifications with information such as endpoints, point of origin, duration, etc.
Command Line Interface (Cli) Allows the administrator to manage the unit using the SSH or TELNET protocols.
Call Routing (Crout) Transforms properties and routes calls between telephony interfaces and SIP endpoints.
CPE WAN Management Protocol (Cwmp) Allows the administrator to manage the unit using the TR-069 protocol.
DHCP Server (Dhcp) Manages a DHCP server on each network interface.
E&M Channel Associated Signaling (Eam) Manages the E&M CAS telephony interfaces.
Element Management System for Virtuo (EMS) Makes the unit compatible with the Virtuo EMS infrastructure.
Endpoint Administration (EpAdm) Allows for high-level management of telephony endpoints.
Endpoint Services (EpServ) Manages the telephony services of each endpoint.
IP routing (IpRouting) Manages the unit's IP routing table.
Integrated Services Digital Network (Isdn) Manages the ISDN parameters for BRI and PRI telephony interfaces.
Local Firewall (Lfw) Allows the administrator to filter the network with the unit as final destination.
Link Layer Discovery Protocol (Lldp) Manages the IEEE 802.1ab protocol used for advertising the unit's capabilities on the network.
Media IP Transport (Mipt) Manages the voice and data encodings over the IP network.
Music on Hold (Moh) Manages the option to play an audio file when a telephony endpoint is on hold.
Network Address Translation (Nat) Allows the administrator to change the source or destination IP address of a packet.
Network Firewall (Nfw) Allows the administrator to filter traffic that is routed between networks.
Network Traffic Control (Ntc) Allows the administrator to perform traffic shaping on the network interfaces.
Plain Old Telephony System Line (Pots) Manages the FXS and FXO analog telephony interfaces.
R2 Channel Associated Signaling (R2) Manages the E1 CAS telephony interfaces
Session Border Controller (Sbc) Allows the administrator to perform SIP to SIP normalization, call routing, NAT traversal, and survivability.
SIP Endpoint (SipEp) Allows the administrator to associate telephony endpoints with SIP user agents.
SIP Proxy (SipProxy) The SIP Proxy (SipProxy) service is used to add local survivability for local endpoints and SIP phones.
Simple Network Management Protocol (Snmp) Allows the administrator to manage the unit using the SNMP protocol.
Telephony Interface (TelIf) Manages tone generation and detection on the telephony interfaces.
Virtual Machine (Vm) Allows the administrator to manage virtual machines.
Web Service (Web) Manage the unit using HTTP(S) web pages.

Top

DGW System Services

System Service Description
Authentication, Authorization and Accounting (Aaa) Manages the administrator accounts and grants or denies access to various parameters.
Certificate Manager (Cert) Manages the security certificates used for the authentication of the unit and its peers before establishing a secure connection.
Configuration Manager (Conf) Allows executing configuration scripts as well as performing backup/restore of the unit configuration.
Device Control Manager (Dcm) Manages the hardware properties as well as the licence activation keys.
Ethernet Manager (Eth) Manages the unit Ethernet link interfaces.
File Manager (File) Allows the administrator to manage the files stored on the unit.
Firmware Pack Updater (Fpu) Manages firmware upgrade, downgrade and rollback operations.
Host Configuration (Hoc) Manages the IP host parameters and other system settings.
Local Quality Of Service (LQos) Manages the QoS parameters applicable to the unit.
Notifications and Logging Manager (Nlm) Manages the routing and filtering of the unit's event notification messages.
Process Control Manager (Pcm) Manages the startup and shutdown sequence of the system.
Service Controller Manager (Scm) Allows the administrator to enable or disable services.

Top

Basic Service Tasks

Setting the Service Start-up Type

Steps
  1. Go to System/Services.
  2. In the User Service table, from the Startup Type selection list located next to the service you wish to set.
    • choose Auto if you wish the service to start automatically when the system starts, or
    • choose Manual to start to the service manually when needed.
  3. Click Apply.
Result
The services set to Auto will automatically start every time the unit boots, while the services set to Manual must be started each time by the administrator when needed.

Top

Starting/Stopping/Restarting a User Service Using the DGW Web Page

Steps
  1. Go to System/Services.
  2. In the User Service table, on the line of the service you wish to set.
    • click if you wish to start the service, or
    • click to restart the service.
    • click to stop the service.
    Note: When stopping or restarting a service, some interruptions might occur, such as dropped calls, virtual machine shutdown or loss of network connectivity, depending on the affected services and/or its dependencies.
  3. Click Apply.
Result
The status of the service (in the Status column) changes following the executed service command.
  • If you clicked , the tab from which you can access the service from the Web pages are greyed out
  • If you clicked , the tab from which you can access the service from the Web pages are no longer greyed out.

Top

Disabling a Service

Steps
  1. Go to System/Services.
  2. In the User Service table, on the line of the service you wish to disable, click to stop the service.
    Note: When stopping a service, some interruptions might occur, such as dropped calls, virtual machine shutdown or loss of network connectivity, depending on the affected services and/or its dependencies.
  3. In the User Service table, from the Startup Type selection list located next to the service you wish to disable, choose Manual.
  4. Click Apply.
Result
The service will be stopped and will not be restarted automatically at the next unit start-up.

Top

Restarting a Service with a Grace Delay

Context
If no service needs to be restarted, the table will be greyed out.
Steps
  1. Go to System/Services.
  2. In the Restart Required Services table, set the Graceful Delay (min) field.
  3. Click Restart Required Services.
Result
The services that require a restart are restarted after the delay allowing ongoing calls to be completed. At the expiration of the delay, the services are forced to restart even if calls are still ongoing. Therefore, ongoing calls are abruptly disconnected without proper release. The users are not informed of the call disconnection event (ex.: end-of-call tone).


Top

Restarting a System Service

Context
System services cannot be restarted by the user. To restart a system service, the unit must be restarted.
Steps
  1. Go to Reboot.
  2. In the Reboot page, click Reboot .
    Note: If the unit is in use when clicking Reboot, all calls are terminated.
Result
The Web session will be lost and you will be redirected to the login page after the reboot process. All system services needing to be restarted, will be restarted.

Top

Advanced Service Tasks

Starting/Stopping/Restarting a User Service Using a MIB Browser

Steps
  1. Open a MIB Browser
  2. Navigate to the Service that needs to be restarted.
  3. Locate the needRestartInfo parameter to determine if the service needs to be restarted.
  4. Locate the serviceCommandsTable in the scmMIB.
    1. To restart the service, set the serviceCommandsRestart command to restart
    2. To start the service, set the serviceCommandsStart command to Start
    3. To stop the service, set the serviceCommandsStop command to Stop
      Note: Stopping or restarting a service will cause an interruption in that service, which may result for example in network lost, call interruption, or virtual machine shutdown, depending on the service(s) stopped or restarted.

Top

Restarting a Service Using the CLI

Context
For more details, refer to the Technical Bulletin - Using the CLI via an SSH Session published on the Media5 documentation portal at https://documentation.media5corp.com/.
Steps
  1. Log into the CLI using an SSH client.
  2. Type the command line to restart the service, i.e. NameofService.Restart.
    Note: For example Sbc.Restart to restart the Sbc service.
    Note: Stopping or restarting a service will cause an interruption in that service, which may result for example in network lost, call interruption, or virtual machine shutdown, depending on the service(s) stopped or restarted.

Top

Hardware

Hardware Basic Tasks

Selecting the Source of the Clock Reference

Steps
  1. Go to System/Hardware.
  2. From the Clock Reference Configuration table, select from the Suggestion list, several clock reference sources.
  3. Click Apply.
Result
The selected Clock Reference sources for each available telephony card, according to the unit type, are displayed in the Value field of the Clock Reference Configuration table. The first selected source will be used as a the clock reference. The following one will be used as the fallback source, in the listed order, if the first one becomes unavailable. Only one source is used at a time for the Clock Reference.


Top

Selecting the Port Used for Synchronisation

Steps
  1. Access the DGW Web interface of your unit.
  2. Go to System/Hardware.
  3. In the Clock Reference Configuration table, from the Suggestion selection list, choose SYNCIN.
Result
The unit will be synchronised on the SYNC IN port.


Top

Associating a PRI Port to a Line Type and Protocol

Steps
  1. Go to System/Hardware.
  2. In the PRI Ports Configuration table, from the Line Type selection list, select either E1 or T1.
  3. From the Signaling selection list, associate a type of signaling to the PRI port.
  4. Click Apply.
  5. Restart the unit.
Result
The selected line type will appear under ISDN/Primary Rate Interface. This is an example of a PRI port association.


Top

Setting the Mediatrix Unit to Use the R2 Signaling Protocol

Before you begin
R2 signaling protocol can only be used on E1 line type.
Steps
  1. Go to System/Hardware.
  2. In the PRI Cards Configuration table, from the Signaling selection list, located on the same line as the port you wish to dedicate to R2 signaling, choose R2.
    Note: When changing from R2 to ISDN or ISDN to R2, you must change your routes accordingly (Call Router/Route Config).
  3. From the Line Type selection list, make sure E1 is selected.
  4. Click Apply.
  5. Restart the unit.
Result



Top

Setting the Mediatrix Unit to Use the E&M Signaling Protocol

Steps
  1. Go to System/Hardware.
  2. In the PRI Ports Configuration table, located on the same line as the port you wish to dedicate to E&M signaling, from the Signaling selection list, choose E&M.
    Note: When changing from E&M to ISDN/R2 or ISDN/R2 to E&M, you must change your routes accordingly. For instance, if you are in ISDN with a route isdn-Slot2/E1T1, then change to E&M, you must change the route to e&m-Slot2/E1T1.
  3. From the Line Type selection list, choose T1.
  4. Click Apply.
  5. Restart the unit.
Result



Top

Cabling Several Units for TDM Synchronisation

Context
Cabling is done using straight cables in a daisy chain.
Before you begin
The common practice is to have the first unit act as the Clock Master.
Steps
  1. Connect a standard Ethernet cable to the SYNC OUT port of the first device.
  2. Connect the other end of the Ethernet cable to the SYNC IN port of another device.
  3. Connect all your units in the same fashion.
Result



Top

Hardware Advanced Parameters

Some aspects of the Hardware configuration can only be completed with the MIB parameters.

These parameters can be accessed and configured by:
  • using a MIB browser
  • using the CLI
  • creating a configuration script containing the configuration variables
For the complete list of available parameters, refer to the Hardware section of the DGW Configuration Guide - Reference Guide published on the Media5 documentation portal at https://documentation.media5corp.com/.

Top

Endpoints State Configuration

Basic Endpoints State Concepts

Administrative State of Unit

The administrator can disable the use of specific endpoints or all endpoints of a unit through the administrative state configuration. It is also possible to select the initial endpoint state to be applied on unit start-up.

Disabling endpoints of a unit can be useful for example:
  • in a multi-tenant environment, if a tenant stops its service subscription, the administrator can lock the unit so the FXS port can give either a fast busy tone or no tone to signal the line is decommissioned. Then later the administrator can send a technician on site to re-wire and make the port available to another tenant.
  • if a user does not pay his service, the administrator can simply lock the endpoint.
  • to prevent calls during unit maintenance
Note: Locking an endpoint also removes SIP registration from the endpoint prohibiting calls from and to the endpoint.

Top

Basic Endpoint State Tasks

Locking All Unit Endpoints - Gracefully

Steps
  1. Go to System/Endpoints.
  2. In the Unit States table, from the Action selection list, choose Lock.
Result
New calls can no longer be sent or received.
  • If the state of the unit is Idle or Idle Unusable, the unit is locked right away.
  • If the unit is either Busy or Active, the unit will be locked only when it will become Idle.


Top

Locking All Unit Endpoints - Immediately

Steps
  1. Go to System/Endpoints.
  2. In the Unit States table, from the Action selection list, choose Force Lock.
Result
All telephone lines of the unit are locked immediately even if there are calls in progress, in which case the call will be immediately terminated (BYE sent to the SIP peer and end-of-call tone played to the endpoint). Locking all unit endpoints prevents any call activities.


Top

Unlocking All Unit Endpoints

Steps
  1. Go to System/Endpoints.
  2. In the Unit States table, from the Action selection list, choose Unlock.
Result
The unit becomes available for use.


Top

Locking an Endpoint - Gracefully

Steps
  1. Go to System/Endpoints.
  2. In the Endpoint States table, from the Action selection list of an endpoint, choose Lock.
Result
The endpoint will no longer be able to send or receive a call.
  • If the state of the endpoint is Idle or Idle Unusable, the endpoint is locked right away.
  • If the endpoint is either Busy or Active, the endpoint will be locked only when the unit will become in Idle.


Top

Locking an Endpoint- Immediately

Steps
  1. Go to System/Endpoints.
  2. In the Endpoint States table, from the Action selection list of an endpoint, choose Force Lock.
Result
All activities of the endpoint are stopped immediately, even if there are calls in progress, in which case the call will be immediately terminated (BYE sent to the SIP peer and end-of-call tone played to the endpoint).


Top

Unlocking an Endpoint

Steps
  1. Go to System/Endpoints.
  2. In the Endpoint States table, from the Action selection list of an endpoint, choose Unlock.
Result
The endpoint becomes available for use.


Top

Setting the Endpoint Behavior after a Unit Restart

Steps
  1. Go to System/Endpoints.
  2. In the Endpoint States table, from the Initial Administrative selection list of an endpoint, choose Lock or Unlock.
Result
  • If the Initial Administrative selection list is set to Lock, when the unit restarts, the endpoint will remain locked, therefore unusable.
  • If the Initial Administrative selection list is set to Unlocked, when the unit restarts, the endpoint will become usable.
.


Top

Disabling the Unit Endpoints when No Gateways are Ready

Steps
  1. Go to System/Endpoints.
  2. In the Administration table, select Enable next to Disable Unit (All Endpoints) when No Gateways Are In State Ready .
Result
The unit will be disabled, i.e. unusable, if none of the SIP gateways are ready to be used. As soon as a SIP gateway becomes ready, the unit will be enabled.


Top

Shutting Down Endpoint if in Idle-Unusable State

Steps
  1. Go to System/Endpoints.
  2. In the Administration table, select Enable next to Shutdown Endpoint When Operational State is Disable And Its Usage State is idle-unusable .
    Note: The Shutdown Endpoint When Operational State is Disable And Its Usage State is idle-unusable parameter is always interpreted as disabled unless it has been specifically set to enable.
Result
When an endpoint usage state becomes Idle-unusable whatever the value of its operational state, the endpoint remains physically up but the calls are denied.


Top

Disabling All Gateways when Trunk Lines are Down

Steps
  1. Go to System/Endpoints.
  2. In the Administration table, select Disable next to Disable Unit (All Endpoints) when No Gateways Are In State Ready .
    Note: This applies only to E1 or T1 telephony lines.
Result
When all E1 or T1 telephony lines are down, all SIP gateways will be stopped. All SIP gateways will be started when at least one E1T1 line is up.


Top

Advanced System/Endpoints Parameters

Although the services can be configured in great part in the Web browser, some aspects of the configuration can only be completed with the Configuration parameters by :
  • using a MIB browser
  • using the CLI
  • creating a configuration script containing the configuration parameters

For more details on the following advanced parameters, refer to the DGW Configuration Guide - Reference Guide published on the Media5 documentation portal https://documentation.media5corp.com/

Setting the toggle delay to disable the SIP gateways when trunk lines are down

EpAdm.DisableSipGatewaysWhenTrunkLinesDownToggleDelay

Setting the Behavior of the unit While in Shutting Down State

EpAdm.BehaviorWhileInUnitShuttingDownState

Top

Event Log

Basic Event Log Concepts

Event Notifications

An event is something that happens in the system and that needs to be reported. Event notifications are formatted text messages issued by the DGW software to signal something of interest to the unit administrator.

Event Notifications are used to generate alarms in the customer's system and to monitor the system. It is possible to control:
  • for which service event notifications will be reported;
  • which event notifications will be reported based on the severity level of the event;
  • if a specific event notification should be reported or not;
  • where the event notifications will be logged.
For example, it is possible to log all event notifications raised for the Call Router (Crout) service, or to log only one specific event notification for the Certification (Cert) service.
IMPORTANT: Unit performance is affected by the quantity of events that are reported.
Event Notifications can be sent to different destinations to be logged:

Top

Send via Syslog

Event notifications can be logged by a Syslog server.

The event notifications will be sent over UDP in the syslog format, to the syslog server specified in the configuration. Alternatively, the syslog server address can be provided through DHCP. It is important to understand that if no syslog server address is provided by a DHCP server or specified by the administrator, no messages are sent.
IMPORTANT: In some cases, Mediatrix devices can generate more information than the syslog server can handle. In these cases, it is preferable to capture the information with Wireshark.

Top

Send via SIP

It is possible to send the event notifications to a SIP server.

The event notifications sent to a SIP server are included in the SIP Notify messages. When choosing to send event notifications to a SIP server, it is not allowed to send all notifications, i.e. select the All criteria when configuring event notifications. This has been implemented to avoid sending high volumes of traffic and risking the overload of the SIP server.

The destination can be configured with the sipEp.sipNotificationsGateway parameter and the sipEp.maxNotificationsPerNotify parameter is used to define how many messages can be sent in a single "SIP NOTIFY" request the

For more details, refer to DGW Configuration Guide - Reference Guide published on the Media5 documentation portal at https://documentation.media5corp.com


Top

Log Locally

The DGW Local Log displays the Event Notifications related to the events occurring on the Mediatrix unit that are generated by the Mediatrix Notifications and Logging Manager (Nlm) service.

Notifications will be displayed in the Local Log Entries table of the DGW Web interface provided the issuing of events for a service is enabled, and if the event meets the selected severity level chosen to be reported.

The Local Log Entries table has the following characteristics:
  • Number of displayed event notifications is limited
  • Newer notifications replace older ones.
  • The routing criteria should be designed to avoid overloading the log.
  • The local log has no persistence. Its content is erased when the unit or the Nlm service is restarted.
  • The local log does not accept messages from the SNMP service with a ‘Debug’ severity level. This is to prevent an issue when reading the local log with SNMP. The SNMP walk through the table would not catch up with the increasing index because of the DEBUG events generated by the SNMP service itself.

Top

Log to File

The event notifications can be logged in a file saved in the DGW File Management system.

Event notifications logged to a file will be available in the DGW Web interface, under Management/File tabs. The log to file feature is not available on the Mediatrix 4102S and C7 Series as they do not have more than 1MB or more user storage. The number of files stored in the unit is limited. When the maximal number is reached, the oldest stored file is deleted. The limit is configured in the LogFileMaxNb Mib parameter.


Top

Send via SNMP

The event notification can be sent via the SNMP transport.

The Send via SNMP entries have the following characteristics:
  • The traps will be sent according to the Trap Destination(s) and SNMP Protocols configured in the Management/SNMP tab of the unit.
  • By default, Notifications are only sent at severity level Warning or higher. This means you will only get traps in case of an error. To also get the recovery events for a particular service, set its severity to « Info » in System/Event Log/Service Notification Configuration.
  • For SNMP traps, the notification queue is limited to 100 notifications per second for bandwidth limitation purposes.
  • Newer traps replace older ones.
  • The routing criteria should be designed to avoid overloading the queue

Top

Basic Event Notification Tasks

Logging Event Notifications

Steps
  1. Go to System/Event Log.
  2. In the Service Notification Configuration table, click + located next to Services.
  3. For each service, choose the Severity level that will trigger the notifications.
    Note: if you do not wish to log the event notifications of a service, select Disable.
    Note: At this point, you have only enabled the possibility to log event notifications.
  4. In the Criteria field, enter All.
  5. From the Action drop-down list, select where and how the event notifications will be logged.
    1. Choose Log Locally to display the event notifications in the Local Log.
    2. Choose Log to File to send the event notifications to the DGW file management system (not available on the Mediatrix 4102S and C7 Series).
    3. Choose Send via Syslog to send the event notifications to a Syslog server.
    4. Choose Send via SNMP to send the event notification via the SNMP transport.
      Note: You cannot choose Send Via SIP if you wish to log all event notifications, as this may overload the SIP gateway. The system will indicate Not Supported.
  6. If you selected Send via Syslog in the previous step, make sure you have configured the address of the syslog server under Syslog Configuration/Remote Host field.
  7. Click .
  8. Click Apply.
Result
All event notifications with the appropriate selected Severity level of each selected service will be logged to the chosen destination.


Top

Logging Specific Event Notifications

Context
Instead of logging all the event notifications, as specified in Logging Event Notifications, the Criteria can be refined to a subset of events.
Steps
  1. Go to System/Event Log.
  2. In the Service Notification Configuration table, click + located next to Services.
  3. From the Severity drop-down list, for each service, choose the severity level that will trigger the notification.
    Note: If you do not wish to log the event notifications of a service, select Disable.
    Note: At this point, you have only enabled the possibility to log event notifications.
  4. In the Notification Events table, select a Service for which Event Notifications must be issued.
  5. From the Notification drop-down list, select one, or several, specific service notifications you wish to log.
    Note: The Criteria field will be auto populated with the selection made in the Notification field.
    Note: To log all the notifications of a specific service enter in the Criteria field the service code with all separated by a coma. For example: 200.all to log all the notifications of the Bni service. (The code can be found in the Service drop-down list.)
  6. From the Action drop-down list, select where and how the event notifications will be logged.
    1. Choose Log Locally to display the event notifications in the Local Log.
    2. Choose Log to File to send the event notifications to the DGW file management system. (not available on the Mediatrix 4102S and C7 Series).
    3. Choose Send via Syslog to send the event notifications to a Syslog server.
    4. Choose Send via SIP to send the event notifications to a SIP server.
  7. This step is not necessary if you chose Log To File in the previous step. In Syslog Configuration table, in the Remote Host field, enter the IP address of the server.
  8. Click .
  9. Repeat steps 4 to 7 for each notification you wish to publish.
  10. Click Apply.
Result
The selected service notifications with the corresponding Severity level will be published to the selected destination.


Top

Disabling Event Notification Reporting for a Service

Steps
  1. Go to System/Event Log.
  2. In the Service Notification Configuration table, from the drop-down list located next to a service name, select Disable.
Result
No event notifications will be issued for the service.

Top

Modifying the Severity Level Triggering the Reporting of a Notification

Steps
  1. Go to System/Event Log.
  2. In the Service Notification Configuration table, from the drop-down list located next to a service name, select the severity level an event should have to issue a notification.
Result
Notifications will be issued for the service only if the severity level matches the selection.

Top

Local Log

Basic Local Log Tasks

Clearing the Local Logs

Steps
  1. Go to System/Local Log.
  2. Click Clear Local Log.
Result
The entries in the Local Log Entries table will be permanently deleted.

Top

Updating the Local Logs

Steps
  1. Go to System/Local Log.
  2. Click Refresh Local Log.
Result
All new entries generated by the Notifications and Logging Manager (NLM) of your Mediatrix unit will be displayed in the Local Log Entries table.

Top

Packet Capture

Basic Packet Capture Concepts

Packet Captures

Packet captures are data packets intercepted when passing through a specific computer network.

Captured packets can be sent to a specific location where they can be analysed. The content of the capture can therefore be used to diagnose and troubleshoot network problems and determine if network security policies are being followed.

There are two different ways to perform a packet capture:
  • With the pcapture CLI command (not a Cli service command) available only via the CLI. This method displays the captured packet directly in the CLI or allows streaming the captured packet to a SSH tunnel to a remote Wireshark client.
  • With the PCaptureStart Nlm service command. This is a muse command, it can be executed via SNMP, a script, and the CLI. This is also the command used when performing packet captures via the Web page. This method sends the captured file to the service FILE or to a HTTP server via a standard HTTP upload.

Top

Basic Packet Capture Tasks

Starting a Network Capture

Context
This method is performed with the PCaptureStart command of the Nml service.
Steps
  1. Go to System/Packet Capture.
  2. In the Packet Capture Configuration section, complete the fields as follows:
    1. Max Numebr of Frames: Specifies the maximum number of frames after which the packet capture is automatically stopped. 0 means no limit.
    2. Max number of seconds: Specifies the maximum number of seconds after which the packet capture is automatically stopped. 0 means no limit.
    3. Filter: For more details on filters, refer to Filter Examples
    4. Link Name: Select the name of the link interface to capture
    5. URL: The URL format must follow this syntax: protocol://[user[:password]@]hostname[:port]/[path/]filename
      Note:

      Available protocols are File, HTTP, and HTTPS but the File protocol is not available on Mediatrix 4102S units. If the protocol is HTTPS, the HTTP server must allow "slow HTTP requests" (mod_reqtimeout module for Apache HTTP Server) otherwise the pcapture feature may not work as expected. Depending on the nature of what is being captured, chunks can be sent very slowly and with long delays, causing the capture to be considered as an attack and therefore stopped.

    Note: The Link Name can be, for example, eth1 to capture the traffic on the ETH1 interface , or any to capture traffic on all interfaces.
    Note: If the protocol is FILE, the captured trace is saved locally to the unit. For example, a if the URL is "file://my_trace.pcap" saves a capture file with the name "my_trace.pcap" in the Mediatrix unit, which can be downloaded under Management/File.
  3. Click Apply.
  4. Click Apply & Start Capture.
    Note: Remember to click Apply & Stop Capture when you have enough packets captured.
Result
Packets going trough the specified filter will be captured and sent to the specified URL.

Top

Starting a Network Capture on a Specific VLAN

Before you begin
The Vlan must first be created.
Context

This method is performed with the PCaptureStart command of the Nml service.

Steps
  1. Go to System/Packet Capture.
  2. In the Packet Capture Configuration section, in the Link Name field, enter the name of the VLAN for which you want to capture packets. This corresponds to the chosen Ethernet port followed by name given in the VlanId field of the VLAN Configuration table (Network/VLAN), when the Vlan was created (for example eth1.100)
    Note: For the URL, if you choose the FILE transport protocol, it means that the file will be accessible under Management/File.
  3. Click Apply.
  4. Click Apply & Start Capture.
    Note: Remember to click Apply & Stop Capture when you have enough packets captured.
Result
A capture will be started, and only the traffic going through the specified VLan will be captured.

Top

Starting a Network Capture Remotely On Windows

Context
This method is performed using the pcapture command of the CLI.
Before you begin
  • You must know the IP address of the unit running the DGW software.
  • The Mediatrix unit must be running a DGW v2.0.39.689 firmware or higher.
  • You must have a PC running Wireshark.
Steps
  1. From the PC, download the plink utility: plink utility.
  2. Save the plink utility in the same folder as the Wireshark executable is located.
  3. Open a command line interface (e.g. cmd.exe).
  4. Go to the Wireshark folder where the utility was saved.
  5. Enter
    Note: Since version 0.71, plink needs to be run with the -no-antispoof option. In addition, if you have previously configured plink to default to telnet, you will also need to add the -ssh option.
    plink.exe -ssh -no-antispoof -pw "PASSWORD" USERNAME@IP_ADDRESS "pcapture -raw -i any" | wireshark -k -i -
    and replace the password, username, and IP address according to your setup.
    Note: any is to make a capture on all ETH ports, including VLans (for example ETH1.10 where ) . But it is possible to choose the port, either ETH1, ETH2, ETH5, ETH1-4, ETH2-5, WAN, or LAN depending on the type of unit.
Result
The pcapture command will be executed in the CLI and the result will be sent to a new Wireshark window on the PC running the Wireshark.

Top

Starting a Network Capture Remotely On MacOS or Linux

Context
This method is performed using the pcapture command of the CLI.
Before you begin
  • The Mediatrix unit must be running a DGW v2.0.17.285 firmware or higher.
  • You must know the IP address of the unit running the DGW software.
  • You must have a PC running Wireshark.
Steps
  1. Open a command line interface.
  2. Enter: and replace the password, username, and IP address according to your setup.
    ssh USERNAME@IP_ADDRESS "pcapture -raw -i any" | wireshark -k -i -
    Note: any is to make a capture on all ETH ports. But it is possible to choose the port, either ETH1, ETH2, ETH5, ETH1-4, ETH2-5, WAN, or LAN depending on the type of unit.
Result
The pcapture command will be executed in the CLI and the result will be sent to a new Wireshark window on the PC running the Wireshark.

Top

Examples

Filter Examples

  • Filter: port 5060
    • Captures all traffic on (either source or destination) port 5060 (SIP)
  • Filter: port 5060 and host 192.168.0.99
    • Captures all traffic on port 5060 and source or destination IP 192.168.0.99
  • Filter: port 5060 and dst host 192.168.0.99
    • We can enter “dst” or “src” before “host” (or “port”) to specify the destination or source host (or port
  • Filter: not broadcast and not multicast
    • Filter out the broadcast and multicast traffic

Top

Examples of pcapture Commands for Windows

Capture from the uplink interface of the Mediatrix unit, and filtering out the broadcast and multicast traffic.
plink.exe -pw "1234" public@192.168.0.100 "pcapture -raw -i eth1 not broadcast and not multicast" | wireshark -k -i -
Capture from the uplink interface of the Mediatrix unit, the packets of the VLan for which the VlanId is 100 only.
plink.exe -pw "1234" public@192.168.0.100 "pcapture -raw -i eth1.100" | wireshark -k -i -
Capture from the uplink interface of the Mediatrix unit, the packets going through the Ethernet port eth1, but using RTP only.
plink.exe -pw "1234" public@192.168.0.100 "pcapture -raw -i eth1 -t rtp " | wireshark -k -i -
Capture from the uplink interface of the Mediatrix unit, the packets going through the Ethernet port eth1, but using port 5060 only (either source or destination).
plink.exe -pw "1234" public@192.168.0.100 "pcapture -raw -i eth1 port 5060 " | wireshark -k -i -
Capture from the uplink interface of the Mediatrix unit, the packets going through the Ethernet port eth1, but using port 5060 as the source only.
plink.exe -pw "1234" public@192.168.0.100 "pcapture -raw -i eth1 src port 5060 " | wireshark -k -i -
Capture from the uplink interface of the Mediatrix unit, the packets going through the Ethernet port eth1, but using port 5060 as the destination only.
plink.exe -pw "1234" public@192.168.0.100 "pcapture -raw -i eth1 dst port 5060 " | wireshark -k -i -
Capture the packets going through the Ethernet port eth1, for traffic for which the source or the destination is the unit with the 00:90:F8:07:5A:6D MAC address.
plink.exe -pw "1234" public@192.168.0.100 "pcapture -i eth1 ether host 00:90:F8:07:5A:6D " | wireshark -k -i -
Capture the packets going through the Ethernet port eth1, for traffic for which the source or the destination is the units whit the 10.5.128.11 or host 10.5.128.4 IP addresses.
plink.exe -pw "1234" public@192.168.0.100 "pcapture -i eth1 host 10.5.128.11 or host 10.5.128.4  " | wireshark -k -i -

Top

Examples of pcapture Commands on MacOs and Linux

Capture from the uplink interface of the Mediatrix unit, and filtering out the broadcast and multicast traffic.
ssh public@192.168.0.100 "pcapture -raw -i eth1 not broadcast and not multicast" | wireshark -k -i -
Capture from the uplink interface of the Mediatrix unit, the packets of the VLan for which the VlanId is 100 only.
ssh public@192.168.0.100 "pcapture -raw -i eth1.100" | wireshark -k -i -

Forces capture to interpret all packets as rtp packeta. Typically, this is used with a filter that only keeps rtp packets.

ssh public@192.168.0.100 "pcapture -raw -i eth1 -T rtp " | wireshark -k -i -

Capture only rtp packets, going through the Ethernet port eth1, but using port 5006 only (either source or destination)

pcapture -raw -i -T rtp eth1 port 5006
Capture from the uplink interface of the Mediatrix unit, the packets going through the Ethernet port eth1, but using port 5060 only (either source or destination).
ssh public@192.168.0.100 "pcapture -raw -i eth1 port 5060 " | wireshark -k -i -
Capture from the uplink interface of the Mediatrix unit, the packets going through the Ethernet port eth1, but using port 5060 as the source only.
ssh public@192.168.0.100 "pcapture -raw -i eth1 src port 5060 " | wireshark -k -i -
Capture from the uplink interface of the Mediatrix unit, the packets going through the Ethernet port eth1, but using port 5060 as the destination only.
ssh public@192.168.0.100 "pcapture -raw -i eth1 dst port 5060 " | wireshark -k -i -
Capture the packets going through the Ethernet port eth1, for traffic for which the source or the destination is the unit with the 00:90:F8:07:5A:6D MAC address.
ssh public@192.168.0.100 "pcapture -i eth1 ether host 00:90:F8:07:5A:6D " | wireshark -k -i -
Capture the packets going through the Ethernet port eth1, for traffic for which the source or the destination is the units whit the 10.5.128.11 or host 10.5.128.4 IP addresses.
ssh public@192.168.0.100 "pcapture -i eth1 host 10.5.128.11 or host 10.5.128.4  " | wireshark -k -i -

Top

Diagnostic

Basic Diagnostic Concept

Diagnostic Traces

Diagnostic Traces are specifically used for troubleshooting purposes. As for Event Notifications, they report errors, warnings, or system information.

Diagnostic Traces do not need to be activated, except at the specific demand of Media5 Technical Assistance Center.


Top

Basic Diagnostic Trace Tasks

Enabling the Automatic Diagnostic Log Dump

Steps
  1. Go to System/Diagnostic.
  2. In the Diagnostic Log Configuration table, select Enable.
  3. Click Apply.
Result
If the unit unexpectedly closes, the diagnostic logs will be automatically generated in an *.tgz file, available under Management/File in the Internal files table.

Top

Manually Starting a Diagnostic Log Dump

Steps
  1. Go to System/Diagnostic.
  2. In the Diagnostic Log Configuration table, select Dump Now.
Result
The diagnostic logs will be generated in an *.tgz file, available under the Management/File, in the Internal files table.

Top

PCM Traces

Basic PCM Traces Concepts

PCM Traces

The PCM traces are two different RTP streams made specifically to record all analog or digital signals that are either sent or received by the telephony ports of the Mediatrix unit.

These RTP streams are sent to a configurable IP address, normally an IP address on your network where it can be recorded with a packet sniffer (such as Wireshark). Moreover, they are independent from the regular RTP streams of the VoIP call. On the analog devices, the streams are sent instantly at device start-up, with an average ptime of 5 ms. The resulting streams, depending on the model, are around 15 kB/s.

Only the configured port, port #1 and/or #2 send the PCM traces for a maximum of four simultaneous RTP streams.

All streams are sent instantly at start-up with an average ptime of 15 ms. This means that until the PCM traces are disabled, even an idle unit will continuously send up to 66.6 packets/s X 4 streams = 267 packets/s using approximately 174 bytes each, for a total of 46 Kbytes of upstream bandwidth.

On digital devices, the streams will be sent once a call is in process of being established (ISDN SETUP, SIP INVITE). This means no data will be sent if the gateway is idle with no calls in progress.

PCM Traces are usefull at identifying problems with:
  • Echo in the network
  • DTMF signals
  • Caller ID signals
  • Fax signals (or false Fax detection)
  • Message Waiting Indicator signals
  • Any other analog signal
  • Any voice quality issue

Top

Basic PCM Tasks

Enabling the PCM Traces - SIP 5.0

Before you begin
The PCM traces destination must be set so it can be recorded in a Wireshark capture on your network, normally sent to the PC doing the capture
Steps
  1. Enable the PCM traces by setting the mxDebugPcmCaptureEnable MIB variable to enable.
  2. Set the destination IP address for the PCM traces in the mxDebugPcmCaptureIpAddress MIB variable.
    Note: This IP address does not have to be listening on ports 5001/2 – 6001/2, as it is easy to filter out ICMP “port unreachable” messages afterwards.
    Note:

    If G.723 is available, you MUST disable the G.723 and enable the G.726 codec to load the PCM code into the 1204. This can be done by setting the voiceIfCodecG723Enable MIB variable to disable and the voiceIfCodecG72616kbpsEnable MIB variable to enable in the voiceIfMIB.

  3. Reboot the unit.
Result





Top

Enabling the PCM Traces of a Port Using UMN

Before you begin
The PCM traces destination must be set so it can be recorded in a Wireshark capture on your network, normally sent to the PC doing the capture.
About this task
If a port is receiving several calls at a time, the capture will be performed on the first call until it is completed, and only then will a capture be performed on another call. Traces are taken as soon as the port is opened.
Procedure
  1. Using UMN, right click the name of the unit and select Edit SNMP...
  2. Browse to: mediatrixSystem/gen5/mediatrixCommon/mediatrixServices/miptMIB/miptMIBObjects/debugGroup/ pcmCaptureGroup.
  3. Set the pcmCaptureEnable MIB parameter to Enable.
  4. Set the pcmCaptureEndpoint MIB parameter to the unit’s endpoint on which the PCM capture will be taken from. For endpoint examples, refer to Endpoint Examples.
    Note: To make sure that you are capturing the appropriate endpoint, please verify its naming by running the following command in CLI: Epadm.Endpoint. The output of the command displays a table with the unit's endpoints.
  5. Set the pcmCaptureIpAddr MIB parameter to the IP address of the PC running Wireshark.
    Note: This IP address does not have to be listening on UDP ports, as it is easy to filter out ICMP “port unreachable” messages afterwards.
  6. When the capture is done, make sure to set the pcmCaptureEnable MIB parameter to Disable.
Results



Top
Endpoint Examples
Endpoint Name Description
Bri1-2 BRI port 1, channel 2
Slot2/E1T1-3 Channel 3 of the E1 port located in slot 2
Port09 Port 09 of a Mediatrix 4108-16-24 unit
Phone-Fax1 Port 1 of a Mediatrix 4102S unit
FXS1 Port 1 of the FXS card of a Mediatrix C7 unit
FXO1 Port 1 of the FXO card of a Mediatrix C7 unit

All possible endpoint names are listed in the Endpoint table displayed in the DGW Web interface (System/Endpoints). You may also access this table via the CLI by using the EpAdm.Endpoint command or directly via UMN.


Top

Enabling PCM Traces of a Port Using the Configuration Script

Before you begin
The PCM traces destination must be set so it can be recorded in a Wireshark capture on your network, normally sent to the PC doing the capture.
Context
If a port is receiving several calls at a time, the capture will be performed on the first call until it is completed, and only then will a capture be performed on another call. Traces are taken as soon as the port is opened.
Steps
  1. Create a txt file, and save it as a *.cfg.
  2. Enter Mipt.PcmCaptureEnable = Enable or Mipt.PcmCaptureEnable=1
  3. Enter Mipt.PcmCaptureEndpoint = Value , where Value is the unit’s endpoint on which the PCM capture will be taken from. For more information, refer to Endpoint Examples.
    Note: To make sure that you are capturing the appropriate endpoint, please verify its naming by running the following command in CLI: Epadm.Endpoint. The output of the command displays a table with the unit's endpoints.
    Note: The port names are case sensitive.
  4. Enter Mipt.PcmCaptureIpAddr = Value , where Value is the IP address of the PC running Wireshark.
    Note: The IP address does not have to be listening on UDP ports, as it is easy to filter out ICMP “port unreachable” messages afterwards.
  5. Import the *.cfg file into the system. Refer to DGW Configuration Guide - Configuration Scripts Import and Export published on the Media5 documentation portal at https://documentation.media5corp.com/.
  6. When the capture is done, make sure to disable the Mipt.PcmCaptureEnable MIB parameter.
    Note: For example Mipt.PcmCaptureEnable = Disable or Mipt.PcmCaptureEnable = 0
Result
In the configuration script, the value of Mipt.PcmCaptureEnable, Mipt.PcmCaptureIpAddr and Mipt.PcmCaptureEndpoint parameters should reflect the values configured..


Top

VM

Basic Virtual Machine Concepts

RAM Allocation to Virtual Machines

To reduce the wear-and-tear of the Solid State Drive, make sure to allocate the maximum amount of RAM possible to the virtual machine.

Installed RAM on Mediatrix Units Available RAM for Virtual Machine
2 Gb 1.5 Gb
4 Gb 3.5 Gb
8 Gb 7 Gb ( 87.5% of available RAM)

Top

SSD Lifespan

Mediatrix units running a Virtual Machine are equipped with various sizes of Solid State Drive (SSD) for storage.

A Solid State Drive (SSD) is a form of flash-based storage. Media5 uses high quality, enterprise grade SSDs in its products. However due to its technical nature, flash memory can handle so many read/write cycles. Beyond that, the performance may degrade or in extreme cases, the drive may fail. For customers using a Mediatrix unit running a Virtual Machine, special attention should be paid to the number of writes caused by the Operating System running in the virtual machine, as well as by the application. If the Virtual Machine is not optimised, it will lead to excessive read/write access to the SSD, and hence significantly reduce the lifespan of the SSD. For more details, please refer to Technical Bulletins - Virtual machine installation published on the Media5 documentation portal at https://documentation.media5corp.com/.


Top

SSD Lifespan Extrapolation

SSD lifespan can be extrapolated and Virtual Machine optimisation can be validated.

For example, let the virtual machine run for a month (or a week), read and compare the WearPercentage parameter at different times during this interval. Use the collected information to extrapolate the lifespan.

For example: the Wear Percentage increased from 19% to 20% in 2 months. Take the remaining 80% divided by a monthly increase of 0.5% gives 160 months left. Therefore at least 13 years left at the current increase rate.

If the lifespan does not meet the expectations, you may consider further optimisation measures e.g.:
  • disable some of the logging
  • log to an external device
  • assign more RAM to the Virtual Machine
  • consider ordering a bigger SSD for future installations

Top

What are the Meltdown and Spectre Security Vulnerabilities

These vulnerabilities allow a non-privileged process to read sensitive data in memory, thus accessing privileged information from the kernel or other processes.

A Virtual Machine (VM) running inside the Sentinel 400 may be vulnerable to Meltdown (CVE-2017-5754) and to the two variants of Spectre (CVE-2017-5753 and CVE-2017-5715).

For more information on these vulnerabilities:


Top

Is my VM vulnerable to Meltdown and Spectre?

Your Virtual Machine (VM) is only vulnerable if it allows running third-party/rogue applications or scripts.

For example:

  • A restricted user who has shell access can run malicious software.
  • A user surfing the Net from within the VM can unknowingly run malicious Javascript from his browser.

You can consider your VM non-vulnerable if your VM is a secured and closed system that does not allow running rogue code (i.e. the vulnerabilities cannot be exploited), unless an attacker founds other vulnerabilities to break into your VM.


Top

Is all the System Vulnerable?

The DGW firmware in the Mediatrix system, by itself, is not vulnerable since it does not allow running rogue code:

But it is theoretically possible, for a Virtual Machine compromised by the Spectre vulnerability, to read memory outside the Virtual Machine and access sensitive data of the Mediatrix system. The best protection against this is to secure your VM, to make sure there is no known means an attacker can use to break into your VM.

Media5 also recommends to always keep your Sentinel 400 up-to-date with to the latest DGW firmware version.


Top

How to Protect my VM against Meltdown

Linux kernels have a new feature called KPTI (previously known as KAISER) that protects against Meltdown.

If your Virtual Machine is vulnerable, Media5 recommends that you upgrade your kernel to a version that supports KPTI, and enable it.

For more information on KPTI: https://en.wikipedia.org/wiki/Kernel_page-table_isolation
IMPORTANT: Enabling KPTI may impact the performance of your Virtual Machine.

Top

How to Protect my VM against Spectre

There are different mitigation techniques against Spectre:

  • Mitigation #1: A microcode update from the CPU vendor for better control over the branch speculation. Also need an updated kernel to enable these new features (IBRS and IBPB).
  • Mitigation #2: Different techniques (like "retpoline" and "LFENCE") that require recompiling the kernel, packages and applications.

As the time this document was written, Mitigation #1 could not be applied, as Intel had not yet released a microcode update for the CPU of the Sentinel 400.

If your Virtual Machine is vulnerable, Media5 recommends applying Mitigation #2. See https://en.wikipedia.org/wiki/Spectre_(security_vulnerability)#Mitigation for more details.
IMPORTANT: Mitigation techniques against Spectre may impact the performance of your Virtual Machine.

Top

Basic Virtual Machine Actions

Stopping the Virtual Machine

Steps
  1. Go to System/VM.
  2. In the Virtual Machine Configuration table, click located on the same row as the VM you wish to stop.
Result
The virtual machine stops. In the Virtual Machine Status table, Stopped will be displayed under the State column.

Top

Stopping the Virtual Machine - Graceful Stop

Steps
  1. Open the VNC Client located on a computer located on the network connected to the unit.
    Note:

    UltraVNC Viewer, TightVNC Viewer and VNC Viewer are presently supported.

  2. Enter the Unit.IP.Address: VNCid .
  3. In the VNC console, shutdown the OS using the recommended OS method.

Top

Rebooting a VM

Context
If the virtual machine you wish to start requires resources equivalent to the available resources on the unit, then it will not be possible to start another virtual machine. It is only possible to start a virtual machine if there are enough resources on the unit.
Note: Rebooting a virtual machine does not have the same effect as Restarting the virtual machine.
Steps
  1. Go to System/VM.
  2. Click .
Result
The virtual machine is restarted. In the Virtual Machine Status, Started will be displayed under the State column.

Top

Rebooting a VM - Graceful Reboot

Context

Although the virtual machine can be rebooted via the Web page, rebooting the virtual machine using a VNC Client is the preferred way to reboot the virtual machine.

Note: Rebooting the virtual machine does not have the same effect as restarting the virtual machine.
Steps
  1. Open the VNC Client located on a computer located on the network connected to the unit.
    Note:

    UltraVNC Viewer, TightVNC Viewer and VNC Viewer are presently supported.

  2. Enter the Unit.IP.Address: 5900+VNCid .
  3. In the VNC console, shutdown the OS using the recommended OS method.
Result
The virtual machine is restarted. In the Virtual Machine Status, Started will be displayed under the State column.

Top

Setting the Virtual Machine to Automatic Start

Context

If the virtual machine you wish to start requires resources equivalent to the available resources on the unit, then it will not be possible to start another virtual machine. It is only possible to start a virtual if there are enough resources on the unit.

Steps
  1. Go to System/VM.
  2. In the Virtual Machine Configuration table, from the Startup dropdown list, select Auto.
  3. Click Apply.
Result
When the Vm Service is started, the virtual machine will also be started.


Top

Setting the Virtual Machine to Manual Start

Context
Manually starting the virtual machine can be useful when installing the virtual machine to check if the installation was done properly. However, on a day to day usage, the virtual machine should be set to start automatically. Refer to Setting the Virtual Machine to Automatic Start.
Note: If the virtual machine you wish to start requires resources equivalent to the available resources on the unit, then it will not be possible to start another virtual machine. It is only possible to start a virtual machine if there are enough resources available on the unit.
Steps
  1. Go to System/VM.
  2. In the Virtual Machine Configuration table, from the Startup dropdown list, select Manual.
  3. Click Apply.
Result
The virtual machine will be started only if it is started manually. In the Virtual Machine Status, Started will be displayed under the State column.


Top

Deleting a VM

Steps
  1. Go to System/VM.
  2. In the Virtual Machine Configuration table, click located on the same row as the virtual machine you wish to delete.
Result
The virtual machine and its configuration are deleted.

Top

Monitoring the SSD Wear Percentage Using the CLI

Steps
  1. Open the Command Line Interface ( CLI).
  2. At the prompt, enter the following command: Dcm.PersistentWearPercentage
Result
This parameter will provide the Wear Percentage of the SSD. It is taken from the SMART data obtained directly from the drive. When it reaches 100%, it means the technical lifespan of the SSD has been reached. The drive may not fail immediately, but this indicates that the SSD must be replaced to ensure continuous operation.

Top

Monitoring the SSD Wear Percentage Using a MIB Browser

Context

The Mediatrix UMN Mib browser can be used for this procedure.

Steps
  1. Open your Mib Browser.
  2. Poll .1.3.6.1.4.1.4935.1000.100.200.100.2000.1.10000.100.250
    Note: This is an SNMP (readonly) Mib.
Result
This parameter will provide the Wear Percentage of the SSD. It is taken from the SMART data obtained directly from the drive. When it reaches 100%, it means the technical lifespan of the SSD has been reached. The drive may not fail immediately, but this indicates that the SSD must be replaced to ensure continuous operation.

Top

Virtual Machine Installation

Adding a Virtual Machine

Before you begin
The VirtualSwitch parameter must be configured to enable the link you wish to use to contact the virtual machine. Refer to Configuring a Link as a Virtual Switch .

You must have a virtual machine licence and the VM service must be started.

Caution: It is a best practice to create the Virtual Machine in a test environment. If not enough memory is allocated and swap is disabled, the Virtual Machine will stop, and the installation will need to be restarted from the beginning.
Steps
  1. Go to System/VM.
  2. In the Virtual Machine Creation table, complete the Vm Name field.
    Note: Vm names must be unique.
  3. In the Ram(Mb) field, enter the amount of RAM required to run the virtual machine.
    Caution: To reduce the wear-and-tear of the Solid State Drive, make sure to allocate the maximum amount of RAM possible to the virtual machine.
    Note: For instance, 87.5% of the actual available RAM, or 1.5 Gb for units with 2 Gb of RAM, 3.5 Gb with 4 Gb of RAM and for 7 Gb with 8 Gb of RAM.
  4. Complete the Storage(Gb) field.
    Note: 10 Gb is the maximum value one can allocate in a typical Sentinel equipped with a 16 Gb Solid State Drive.
  5. From the Image Format selection list, choose the format of the image.
    Note:
    • Use QCOW2 for space efficiency and flexibility.
    • Use RAW for improved performance
  6. From the Nb Cores selection list, select the number of cores the virtual machine will be using.
    IMPORTANT: It is not possible to modify the settings (RAM, name, etc.) once the virtual machine has been created. The only way to change the settings, is to delete the virtual machine and to create it once again.
  7. Click .
    Note: A maximum of 2 virtual machines can be added.
Result
The virtual machine will be displayed in both the Virtual Machine Configuration and the Virtual Machine Status tables.


Top

Configuring the VM Network Adapter (VirtIO)

Before you begin
Configuring the Network Adapter is optional. By default, it is set to E 1000 (Intel 82545EM emulated network interface card). However, for enhanced network performance, the network adapter can be set to VirtIO, provided it is supported by the guest OS as paravirtualised drivers are required.
Steps
  1. Go to System/VM.
  2. From the Network Adapter drop down list, select VirtIO.
    Note: Please refer to the OS documentation for specific information regarding VirtIO.
  3. Click Apply.
Result

The virtual machine Network Adapter will be set to VirtIO.




Top

Installing the OS on the Virtual Machine Using an ISO image

Before you begin
The Importing an ISO image to the Unit File Management System procedure must be completed. When downloading an OS that provides architecture choices you need to choose either AMD64 (64 bit OS) or i386/i686 (32 bit OS). Basically you need to choose the architecture for an INTEL processor
Steps
  1. Go to System/VM.
  2. In the Virtual Machine Configuration, in the Iso Name field, indicate the name of the ISO file containing the OS.
  3. In the Vnc Id field, indicate the unique id used with the VNC Client to connect to the virtual machine console.
  4. From the Usb field, select None.
  5. Click .
  6. Open the VNC Client located on a computer of the network connected to the unit.
    Note:

    UltraVNC Viewer, TightVNC Viewer and VNC Viewer are presently supported.

  7. Enter the IPAddressOftheUnit:VNCid.
    Note: For example 192.168.0.12:1
  8. Follow the on-screen instructions.
    Caution:
    To reduce the wear-and-tear of the Solid State Drive,
    • On Linux OS, disable memory swapping or at least set swappiness to 0.
    • On Windows OS, disable the virtual memory.
    Note: If the Solid State Drive fails because it is inadequately used by a third party software or the operating system, the warranty of the Mediatrix unit will no longer be valid.
    Note: The installation can take more than an hour depending on the image you are installing.
Result
The virtual machine will be started only if it is started manually.


Top

Installing the Virtual Machine OS using a USB External Device

Before you begin
Make sure your USB external device contains the Operating System installation media, is bootable, and is connected. When downloading an OS that provides architecture choices you need to choose either AMD64 (64 bit OS) or i386/i686 (32 bit OS). Basically you need to choose the architecture for an INTEL processor.
Steps
  1. Go to System/VM.
  2. In the Virtual Machine Configuration table, in the Vnc Id field, indicate the unique id of the virtual machine.
  3. From the Usb field, select All.
  4. Click .
  5. Open the VNC Client located on a computer of the network connected to the unit.
    Note: UltraVNC Viewer, TightVNC Viewer and VNC Viewer are presently supported.
  6. Enter the IPAddressOftheUnit:VNCid
    Note: For example 192.168.0.12:1
  7. From the VNC client, wait for the following message to display "Press F12 for boot menu". If too late, restart the VM by clicking the button.
  8. Press F12, then select the USB device.
  9. Follow the on-screen instructions.
    Caution:
    To reduce the wear-and-tear of the Solid State Drive:
    • On Linux OS, disable memory swapping or at least set swappiness to 0.
    • On Windows OS, disable the virtual memory.
    Note: If the Solid State Drive fails because it is inadequately used by a third party software or the operating system, the warranty of the Mediatrix unit will no longer be valid.
    Note: The installation can take more than an hour depending on the image you are installing.
Result

The virtual machine will be started only if it is started manually




Top

Disabling Swap on Linux

Context
Disabling swapping in the Operating System will optimise the virtual machine in such a way to reduce the wear-and-tear of the Solid State Drive.
Note: If the Solid State Drive fails because it is inadequately used by a third-party software or the operating system, the warranty of the Mediatrix unit will no longer be valid.
Steps
  1. Open the VNC Client located on a computer of the network connected to the unit.
    Note: UltraVNC Viewer, TightVNC Viewer and VNC Viewer are presently supported.
  2. Open .../etc/sysctl.conf file
  3. Add vm.swappiness = 0 to the file.
  4. Open ... /etc/fstab.
  5. Add noatime to the following lines
    1. § UUID=32b414c0-This-is-an-example / ext4 defaults, noatime 1 1
    2. § UUID=b4598e44-This-is-an-example /boot ext4 defaults, noatime 1 2
  6. Comment out
    1. § # UUID=72355f7a-497d-This-is-an-example swap swap defaults 0 0
  7. Use the Shutdown command and then restart the Virtual Machine.
    IMPORTANT: Do no use the Linux reboot command as the filesystem may not get mounted properly.

Top

Virtual Machine Modification

Modifying the Virtual Machine Configuration

Steps
  1. Go to System/VM.
  2. In the Virtual Machine Configuration table, modify the fields as required.
  3. Click Apply.
Result
The next time the virtual machine will be used, the new parameter values will be applied.

Top

Network

Host

Basic Network Host Concepts

DNS Servers

The DNS server list is the ordered list of DNS servers that the device uses to resolve network names.

Up to four servers can be used. The DNS servers can be specified statically or obtained automatically (for example through DHCPor PPP). DNS query results are cached on the system to optimise name resolution time. For more details, refer to DGW Configuration Guide - DNS Behavior with Mediatrix Gateways published on the Media5 documentation portal at https://documentation.media5corp.com/.


Top

Simple Network Time Protocol (SNTP)

The Simple Network Time Protocol (SNTP) is used to update and synchronise the clock of the Mediatrix unit (day, month, time) when it is restarted.

Mediatrix units do not all include a real time clock allowing them to maintain accurate time when they are shutdown. Your system needs to have access to accurate time, for example if you are using HTTPS or for the caller ID feature. The Mediatrix unit implements a SNTP client, which can synchronise the local clock with remote NTP/SNTP servers. The configuration can be automatic (through DHCP for example), with fallback, or static, with up to four servers.


Top

Time Format

The time format (also known as 'TZ' format) is based on the format described by the IEEE 1003.1 standard (i.e. POSIX specification).

The Time Format contains two parts separated by a semicolon:
  • The first part, mandatory, is the system timezone expressed in the IEEE 1003.1 POSIX format (also known as 'TZ' format).
  • The second part, available since 46.0 is optional. It is the timezone used for the time displayed in some of the SBC Web pages (Live Calls, Events, and Registration). This part is only useful for units with the Sbc service. This string must be expressed in the IANA format. If this part is not present, the UTC time zone is used on the SBC Web pages.
The first part of the time format has this POSIX syntax:
STDOFFSET[DST[OFFSET],[START[/TIME],END[/TIME]]]
where:
  • STD / DST: Three or more characters for the standard (STD) or alternative daylight saving time (DST) time zone. Only STD is mandatory. If DST is not supplied, the daylight saving time does not apply. Lower and upper case letters are allowed. All characters are allowed except:
    • digits
    • leading colon (:)
    • comma (,)
    • minus (-)
    • plus (+), and
    • ASCII NUL.
  • OFFSET: Difference between the GMT time and the local time. The offset has the format h[h][:m[m][:s[s]]]. If no offset is supplied for DST, the alternative time is assumed to be one hour ahead of standard time. One or more digits can be used; the value is always interpreted as a decimal number.
    • The hour value must be between 0 and 24.
      IMPORTANT: If preceded by a minus sign (-), the time zone is east of the prime meridian, otherwise it is west, which can be indicated by the preceding plus sign (+). For example, New York time is GMT 5.
    • The minute and second values, if present, must be between 0 and 59.
  • START / END Indicates when to change to and return from the daylight saving time. The START argument is the date when the change from the standard to the daylight save time occurs; END is the date for changing back. If START and END are not specified, the default is the US Daylight saving time start and end dates. The format for start and end must be one of the following:
    • n where n is the number of days since the start of the year from 0 to 365. It must contain the leap year day if the current year is a leap year. With this format, you are responsible to determine all the leap year details.
    • Jn where n is the Julian day number of the year from 1 to 365. Leap days are not counted. That is, in all years – including leap years – February 28 is day 59 and March 1 is day 60. It is impossible to refer to the occasional February 29 explicitly. The TIME parameter has the same format as OFFSET but there can be no leading minus (-) or plus (+) sign. If TIME is not specified, the default is 02:00:00.
    • Mx[x].y.z where x is the month, y is a week count (in which the z day exists) and z is the day of the week starting at 0 (Sunday). For instance: M10.4.0 is the fourth Sunday of October. It does not matter if the Sunday is in the 4th or 5th week. M10.5.0 is the last Sunday of October (5 indicates the last z day). It does not matter if the Sunday is in the 4th or 5th week. M10.1.6 is the first week with a Saturday (thus the first Saturday). It does not matter if the Saturday is in the first or second week. The TIME parameter has the same format as OFFSET but there can be no leading minus (-) or plus (+) sign. If TIME is not specified, the default is 02:00:00.

Top

Time Format Examples



Time Zone String IANA format (Optional, 46.0+)
Atlantic Time (Canada) AST4ADT,M3.2.0,M11.1.0 America/Halifax
Australia Eastern Standard Time AEST-10AEDT,M10.1.0,M4.1.0/3 Australia/Sydney
Central European Time CET-1CEST,M3.5.0,M10.5.0/3 Europe/Brussels
Central Time (Canada & US) CST6CDT,M3.2.0,M11.1.0 America/Chicago
China Standard Time CST-8 Asia/Shanghai
Eastern Time Canada & US) EST5EDT,M3.2.0,M11.1.0 America/Toronto
Greenwich Mean Time GMT0BST,M3.5.0/1,M10.5.0 Europe/London
Mountain Time (Canada & US) MST7MDT,M3.2.0,M11.1.0 America/Denver
Pacific Time (Canada & US) PST8PDT,M3.2.0,M11.1.0 America/Los_Angeles
Japan Standard Time JST-9 Asia/Tokyo
UTC (Coordinated Universal Time) UTC0 Etc/UTC
Western Europe Time WET0WEST,M3.5.0/1,M10.5.0 Europe/Lisbon

Top

Basic Network Host Tasks

Choosing the Network Providing the IPv4 Automatic configuration

Steps
  1. Go to Network/Host.
  2. In the Automatic Configuration Interface table, from the Automatic IPv4 config source network selection list, choose a network.
  3. Click Apply.

Top

Choosing the Network Providing the IPv6 Automatic configuration

Steps
  1. Go to Network/Host.
  2. In the Automatic Configuration Interface table, from the Automatic IPv6 config source network selection list, choose a network.
  3. Click Apply.

Top

Configuring the Host Name and Domain Name of the Mediatrix Unit

Steps
  1. Go to Network/Host.
  2. In the Host Name Configuration table, from the Configuration Source selection list, choose the source.
    Note: When switching from the Static to Automatic IPv4 or Automatic IPv6 configuration source, the last value correctly obtained from the network (if any) is applied to the system.
  3. If you are using a Static configuration source, in the Domain Name field, enter the domain name of your unit.
    Note: The domain name is the network domain to which the unit belongs. For instance: example.com.
  4. In the Host Name field, enter the host name of your unit.
    Note: The host name is the unique name by which the unit is known on a network.
  5. Click Apply.
Result



Top

Configuring the Default Network Gateway to a Static IP Address

Steps
  1. Go to Network/Host.
  2. In the Default Gateway Configuration table, from the IPv4/Configuration Source selection list, select Static.
  3. In the IPv4/Default Gateway field, enter the IP address used as the Static Default Router for the Uplink Network Interface.
  4. In the Default Gateway Configuration table, from the IPv6/Configuration Source selection list, select Static.
  5. In the IPv6/Default Gateway field, enter the IP address used as the Static Default Router for the Uplink Network Interface.
  6. Click Apply.
Result
The specified address is used as the current default router address.


Top

Configuring the Default Network Gateway to an Automatic IP Address

Steps
  1. Go to Network/Host.
  2. In the Default Gateway Configuration table, from the IPv4/Configuration Source selection list, select Automatic IPv4.
  3. In the Default Gateway Configuration table, from the IPv6/Configuration Source selection list, select Automatic IPv6.
    Note: When switching from the Static to Automatic configuration source, the last value correctly obtained from the network (if any) is applied to the system.
  4. Click Apply.
Result



Top

Configuring DNS Servers - Automatically

Steps
  1. Go to Network/Host.
  2. In the DNS Configuration table, from the Configuration Source selection list, choose Automatic IPv4 or Automatic IPv6 .
  3. Click Apply.
Result



Top

Configuring DNS Servers - Manually

Steps
  1. Go to Network/Host.
  2. In the DNS Configuration table, from the Configuration Source selection list, choose Static.
  3. For each DNS server, enter the IP address.
    Note:

    The best practice is to use the servers supplied by your Internet Service Provider (usually the primary and secondary DNS), then complement with publicly accessible DNS servers from a different network.

    For example, when using IPv4: Google (8.8.8.8 and 8.8.4.4), CloudFlare (1.1.1.1 and 1.0.0.1), OpenDNS (208.67.222.222 and 208.67.220.220), Level3 (209.244.0.3 and 208.244.0.4), etc.

    Or when Using IPv6: Google (2001:4860:4860::8888 and 2001:4860:4860::8844), CloudFlare (2606:4700:4700::1111 and 2606:4700:4700::1001), etc.

  4. Click Apply.
Result



Top

Configuring the SNTP Server to a Static IP Address

Before you begin
Make sure there is an SNTP server available.
Steps
  1. Go to Network/Host.
  2. In the SNTP Configuration table, from the Configuration Source selection list, select Static.
  3. Provide an IP address or domain name and port numbers for each SNTP server you are using.
    Note: The best practice is to use the servers supplied by your Internet Service Provider, then complement with servers from a different network close to your geographical area. For example: time.nist.gov (USA), ntp4.sptime.se (Sweden), time1.isu.net.sa (Saudi Arabia), ntp.nict.jp (Japan), time.google.com (Worldwide), pool.ntp.org or one of their regional server pools (see https://www.ntppool.org/ for more information).
  4. If necessary, change the value of the Synchronisation Period.
  5. If necessary, change the value of the Synchronisation Period on Error.
  6. Click Apply.
Result
The SNTP host name and port will be displayed in the Host Status table under Network/Status.


Top

Configuring the SNTP Server to an Automatic IP Address

Before you begin
Make sure there is an SNTP server available.
Steps
  1. Go to Network/Host.
  2. In the SNTP Configuration table, from the Configuration Source selection list, select Automatic IPv4 or Automatic IPv6.
    Note: Some Uplink connection types (for example Static and PPPoE) cannot obtain SNTP information from the network, and therefore lead to no SNTP parameters being applied to the system.
  3. If necessary, change the value of the Synchronisation Period.
  4. If necessary, change the value of the Synchronisation Period on Error.
  5. Click Apply.
Result



Top

Configuring the SNTP Server to an Automatic IP Address with Fallback

Before you begin
Make sure there is an SNTP server available.
Steps
  1. Go to Network/Host.
  2. In the SNTP Configuration table, from the Configuration Source selection list, select Automatic IPv4 or Automatic IPv6.
    Note: Some Uplink connection types (for example Static and PPPoE) cannot obtain SNTP information from the network, and therefore lead to no SNTP parameters being applied to the system.
  3. Provide an IP address or domain name and port numbers for each SNTP server you are using.
    Note:

    The best practice is to use the servers supplied by your Internet Service Provider, then complement with servers from a different network close to your geographical area. For example: time.nist.gov (USA), ntp4.sptime.se (Sweden), time1.isu.net.sa (Saudi Arabia), ntp.nict.jp (Japan), time.google.com (Worldwide), pool.ntp.org or one of their regional server pools (see https://www.ntppool.org/ for more information).

  4. If necessary, change the value of the Synchronisation Period.
  5. If necessary, change the value of the Synchronisation Period on Error.
  6. Click Apply.
Result


.

Top

Configuring the Mediatrix Unit to Use an SNTP Server

Before you begin
Make sure there is an SNTP server available.
Context
Steps
  1. Go to Network/Host.
  2. In the SNTP Configuration table, from the Configuration Source selection list, select the connection type from which you wish to obtain the SNTP parameters.
    Note: Complete Step 3 only if you are using static SNTP server(s), otherwise go to Step 4.
  3. Provide an IP address or domain name and port numbers for each SNTP server you are using.
  4. If necessary, change the displayed default value of the Synchronisation Period.
  5. If necessary, change the displayed default value of the Synchronisation Period on Error.
  6. Click Apply.
Result
The SNTP host name and port will be displayed in the Host Status table under Network/Status.


Top

Selecting the Unit's Time Zone

Context
Time Servers should be configured under Network/Host/SNTP Configuration. For more details refer to the DGW Configuration Guide - VLan Configuration published on the Media5 documentation portal at https://documentation.media5corp.com/
Steps
  1. Go to Network/Host.
  2. In the Time Configuration table, in the Static Time Zone field, specify the time zone in which the Mediatrix unit is located.
    Note: If preceded by a minus sign (-), the time zone is east of the prime meridian, otherwise it is west, which can be indicated by the preceding plus sign (+). For example, New York time is GMT 5.
  3. Click Apply.
Result

Any DGW parameter referring to a time value will use the local time described by this time zone reference. The Hoc.SystemTime will return the unit local time in accordance with the configured time zone.


Top

Advanced Network Host Parameters

Although the services can be configured in great part in the Web browser, some aspects of the configuration can only be completed with the configuration parameters by either:
  • using a MIB browser
  • using the CLI
  • creating a configuration script containing the configuration parameters
For more details on the following parameters, refer to the DGW Configuration Guide - Reference Guide published on the Media5 documentation portal at https://documentation.media5corp.com/.

Configuring Dns Cache Randomisation:

  • Hoc.DnsCacheRandomization

Configuring Pre-resolved Static FQDNs

Up to 10 pre-resolved FQDNs can be configured. The StaticHosts table allows configuring FQDNs with static IP addresses. When a device attempts to reach a FQDN configured in this table, the static IP addresses will be used instead of resolving the FQDN.
  • Hoc.InsertStaticHost: To insert a new static host
  • Hoc.StaticHosts.Delete: To delete a static host:

Updating the system name or system location

The name and location of the Mediatrix unit can be specified. This information is for display purposes only and does not affect the behavior of the unit.
  • Hoc.SystemName: To set the system name
  • Hoc.SystemLocation: Set the system location

Top

Interfaces

Basic Interface Concepts

IP Address Reservation

Before connecting the Mediatrix unit to the network, Media5 strongly recommends to reserve an IP address in your network server – if using one – for the unit you are about to connect.

This way, the IP address associated with a particular unit will be known. Network servers generally allocate a range of IP addresses for use on a network and reserve IP addresses for specific devices using a unique identifier for each device. The Mediatrix unit unique identifier is the media access control (MAC) address. Refer to Locating the MAC Address of Your Mediatrix Unit.


Top
Locating the MAC Address of Your Mediatrix Unit
About this task
The MAC address of the unit is:
  • printed on a label located under the Mediatrix unit
  • displayed in the Current Status table of the Web Interface (System/Information)

Top

Important Information About Network Interfaces

Naming
  • The name of the network interface is case sensitive.
  • Using the special values All, Loop, LoopV6, and Rescue are not allowed to name a network interface
  • A valid network interface name:
    • must start with a letter
    • cannot contain characters other than letters, numbers, and underscores
Configuration
  • It is not possible to have different IP addresses from the same subnet on one interface.
  • It is possible to create up to 48 network interfaces.
  • LLDP cannot be activated on multiple network interfaces simultaneously.
  • If no network is configured in IPv6, the unit does not have any IPv6 address, not even the Link-Local address. When a network is configured in IPv6, the Link-Local (FE80 ::...) address is automatically created and displayed in the Network Status information.
  • In case of address conflicts between two or more network interfaces, the network interface with the highest priority will remain enabled and the other interfaces will be disabled. If the priority is the same, only the first enabled network interface will be able to use the IP address. When a conflict ends, all network interfaces concerned automatically return to an operational state.
  • Media5 recommends to reserve an IP address with an infinite lease for each Mediatrix unit on the network.
  • The Rescue Network Interface cannot be deleted.
IMPORTANT: Use extreme care when configuring network interfaces, especially when configuring the network interface used to contact the unit for management. Be careful never to disable or delete the network interface used to contact the unit. Also be careful to always set the unit’s management interface to be an interface that you can contact.

Top

Default Network Interfaces

There are four Network Interfaces created by default on the Mediatrix unit: Uplink, Lan 1, UplinkV6, and Rescue.

  • The Uplink network interface defines the uplink information required by the Mediatrix unit to properly connect to the WAN. (By default eth1 for all platforms, except for the 4102S which is WAN . By default, this interface uses the IpDhcp (IPv4 DHCP) connection type. If you are using only one Network Interface, you must use Uplink.
  • The Lan1 network interface defines the information required by the Mediatrix unit to properly connect to the LAN.(By default eth2-5 for all platforms, except for the 4102 which is LAN) By default, the Lan1 Network Interface uses the IpStatic (IPv4 Static) connection type. The Lan1 network interface can only be added on units with 2 network ports.
  • The Rescue network interface, is used to display the Rescue Management Interface when a partial reset of the unit is performed. By default, the Rescue network interface
    • is disabled and automatically enabled when a partial reset is performed.
    • uses the IpStatic (IPv4 Static) or the Ip6Static (IPv6 Static) addresses.
    The Rescue Network Interface cannot be deleted. Refer to the Technical Bulletin - Performing a Partial Reset document published on the Media5 documentation portal https://documentation.media5corp.com/
  • The UplinkV6 network interface defines the IPv6 uplink information required by the Mediatrix unit to properly connect to the WAN. By default, this interface uses the IP6autoConf (IPv6 Auto-Conf) configuration mode.
It is possible to create up to 48 Network Interfaces.

Top
Link Default Values for the Uplink Network Interface
Unit Type Link Default Value
Sentinel 400 eth1
Sentinel 100 eth1
Mediatrix G7 eth1
Mediatrix S7 eth1
Mediatrix C7 series eth1
Mediatrix 4104 eth1/eth
Mediatrix 4108/16/24 eth1
Mediatrix 4102S Wan
Mediatrix 4400 series eth1
Mediatrix LP series eth1
Mediatrix 4108 IPPBX eth1

Top
Link Default Values for the Lan1 Network Interface
Unit Type Link Default Value
Sentinel 400 eth2-5
Sentinel 100 eth2-5
Mediatrix G7 series eth2-5
Mediatrix S7 series eth2-5
Mediatrix C7 series eth2
Mediatrix 4104 eth2
Mediatrix 4108/16/24 eth2
Mediatrix 4102 lan
Mediatrix 4400 series eth2
Mediatrix LP series eth2
Mediatrix 4108 IPPBX eth2

Top

Link Layer Discovery Protocol (LLDP)

The Link Layer Discovery Protocol (LLDP) service is used by network devices for advertising their identity, capabilities, and neighbors on a IEEE 802 local area network, usually wired Ethernet.

LLDP cannot be activated on more than one network interface at a time.


Top

Link Connectivity Detection

Each Ethernet port of the Mediatrix unit is associated with an Ethernet link.

An Ethernet link has connectivity if at least one of its port status is not disconnected. The link connectivity is periodically polled (every 500 milliseconds). It takes two consecutive detections of the same link state before reporting a link connectivity transition. This avoids reporting many link connectivity transitions if the Ethernet cable is plugged and unplugged quickly.


Top

PPP Negotiation

When the Mediatrix unit restarts, it establishes the connection to the access concentrator in conformance with RFC 2516 section 5.1.

When establishing a PPP connection, the Mediatrix unit goes through three distinct phases:
  • Discovery phase: The Mediatrix unit broadcasts the value of the Service Name field. The access concentrator with a matching service name answers the Mediatrix unit.
    • If no access concentrator answers, this creates a PPPoE failure error.
    • If more than one access concentrators respond to the discovery, the Mediatrix unit tries to establish the PPP connection with the first one that supports the requested service name.
  • Authentication phase: If the access concentrator requests authentication, the Mediatrix unit sends the ID/secret pair configured in the User Name and Password fields. If the access concentrator rejects the authentication, this creates an “authentication failure” error.
  • Network-layer protocol phase: The Mediatrix unit negotiates an IP address. The requested IP address is the one from the last successful PPPoE connection. If the Mediatrix unit never connected by using PPPoE (or after a factory reset), it does not request any specific IP address.

Top

IPv6 Autoconfiguration Interfaces

When the Type drop-down menu is set to IPv6 Auto-Conf, the network interface is an IPv6 over Ethernet connection with IP parameters obtained by stateless auto-configuration or stateful (DHCPv6) configuration.

Autoconfiguration of IPv6 address is first initiated using state-less autoconfiguration. Stateful autoconfiguration is initiated only if one of the following conditions is met:
  • The router explicitly required stateful autoconfiguration by setting the “managed” or “other” flag of the router advertisement.
  • No router advertisement was received after 3 router solicitations. RFC 4861 defines the number of router solicitations to send and the 4 seconds interval between the sent router solicitations.

Top

Stateless Autoconfiguration

All IPv6 addresses present in the router advertisements are applied to the network interface

Each IPv6 address is assigned a network name based on the configured network name with a suffix in the following format: ConfiguredNetworkName-XX-Y. XX is the address scope
  • GU (Global Unique)
  • UL (Unique Local)
  • LL (Link-Local)
Y is a unique ID for the address scope.

Top

Spanning Tree Protocol vs Stateless Autoconfiguration

Many network switches use the Spanning Tree Protocol (STP) to manage Ethernet ports activity.

STP uses a detection timeout before a router advertisement is sent to the Mediatrix unit. The default value for this timeout is usually 30 seconds. However, when the unit wants to get an IPv6 address in Stateless autoconfiguration, this timeout is too long and the unit falls into Stateful Autoconfiguration mode before it receives the router advertisement. This results in the unit receiving a DHCPv6 address. To solve the issue, check if the default STP detection timeout value in your router can be modified. If so, set it to a value of 8 s or less. If you cannot modify the timeout value, Media5 recommends to disable the Spanning Tree Protocol on the network to which the unit is connected.


Top

Statefull Autoconfiguration

Stateful autoconfiguration is managed by DHCPv6. The DHCPv6 lease is negotiated according to the limitations listed in section 1.5 of RFC 3315.

DHCPv6 may be used to obtain the following information (depending on the router advertisement flags):
  • IPv6 addresses (when the router advertisement “managed” flag is set)
  • Other configuration (when the router advertisement “other” flag is set)
If only the “other” flag is set in the router advertisement, the DHCPv6 client only sends an information request to the DHCPv6 server, otherwise it sends a DHCPv6 solicit message. If the flags change over time, only the transitions from “not set” to “set“ are handled.

Top

Speed and Duplex Detection Issues

There are two protocols for detecting the Ethernet link speed: parallel detection and auto-negotiation (IEEE 802.3u).

The auto-negotiation protocol allows the detection of the connection speed and duplex mode. It exchanges capabilities and establishes the most efficient connection. When both endpoints support the auto-negotiation, there are no problems. However, when only one endpoint supports auto-negotiation, the parallel detection protocol is used. This protocol can only detect the connection speed; the duplex mode cannot be detected. In this case, the connection may not be established. The Mediatrix unit has the possibility to force the desired Ethernet link speed and duplex mode by disabling the auto-negotiation and selecting the proper setting. When forcing a link speed at one end, be sure that the other end (a hub, switch, etc.) has the same configuration. To avoid any problem, the link speed and duplex mode of the other endpoint must be exactly the same.


Top

Basic Interface Tasks

Creating a Network Interface

Steps
  1. Go to Network/Interfaces.
  2. In the Network Interface Configuration table, click +.
  3. Enter a name in the Name field.
    Note: The Network Interface name must be unique and is case sensitive.
  4. From the Link selection list, select Ip6Static (IPv6 Static).
  5. In the Static IP Address field, enter the FQDN or IP address of
  6. Click Apply.
Result
The new Network Interface will be available in the:
  • Media Interface Configuration table under the SBC/ Configuration tabs (provided you have the Sbc service)
  • Signaling Interface Configuration table under SBC/ Configuration tabs (provided you have the Sbc service)
  • DHCP Server Configuration table under the Network/ DHCP Server tabs
  • Signaling Network table under the SIP/Gateways tabs
  • Network Interface table under the SIP Proxy/Configuration tabs.
  • Network Interface table under the Management/Misc tabs.
  • Forward To Network table under the Network/IP Routing tabs.

Top

Configuring a Network Interface

Context
When configuring network interfaces, Media5 recommends to have a syslog client properly configured and enabled in order to receive any message related to the network interfaces behaviour. The interface used to access the syslog client must also be properly enabled.
Steps
  1. Go to Network/Interfaces.
    IMPORTANT: Use extreme care when configuring network interfaces, especially when configuring the network interface used to contact the unit for management. Be careful never to disable or delete the network interface used to contact the unit. Also be careful to always set the unit’s management interface to be an interface that you can contact.
  2. In the Network Interface Configuration table, complete the fields as required.
  3. From the Activation drop-down list, select Enable.
  4. Click Apply.

Top

Associating an Ethernet Link to a Network Interface

Steps
  1. Go to Network/Interfaces.
  2. In the Network Interface Configuration table, from the Link field , select the link to be associated with a Network Interface (the link will appear as ethx.VlanId).
    Note: Once the changes are applied, the connection with the unit might be lost. You may need to reconnect to the Web page.
  3. Complete the fields as required.
  4. Click Apply.
Result
The Network interface is associated with a physical interface i.e. an Ethernet Link.


Top

Configuring the PPPoE Connection Type

Before you begin
The User Name and Password fields are not accessible if you have the User or Observer access right.
Context
Perform this procedure only if you have selected PppIpcp (IPv4 PPPoE) as a connection type for your Network Interfaces.
Steps
  1. Go to Network/Interfaces.
  2. In the PPPoE Configuration table, complete the fields as required.
  3. Click Apply.
Result
The current PPPoE information is displayed in the Status page.

Top

Configuring the Link Layer Discovery Protocol (LLDP)

Before you begin
The Llpd service must be started.
Steps
  1. Go to Network/Interfaces.
  2. In the LLDP Configuration table, select the network interface name on which LLDP should be enabled.
    Note: LLDP cannot be activated on multiple network interfaces simultaneously.
  3. Select the address type to populate the chassis ID device identifier.
  4. Select whether to enable the LLDP-MED protocol override of the VLAN ID.
  5. Click Apply if you do not need to set other parameters.
Result
The current LLDP information is displayed in the Status tab.

Top

Configuring a Link as a Virtual Switch

Steps
  1. Go to Network/Interfaces.
  2. In the Ethernet Link Configuration table, from the Virtual Switch selection list, select Enable located on the same row as the link you wish to enable for the virtual switch.
  3. Click Apply.
Result



Top

Configuring the Ethernet Link linked to a Network Interface

Steps
  1. Go to Network/Interfaces.
  2. In the Ethernet Link Configurationtable, set the MTU field of a specific Ethernet link with required value.
    Note: The MTU value applied for a PPPoE connection is the smallest of the value negotiated with the server and the value configured here.
    Note: Each Network interface used by TCP/IP may have a different MTU value specified. All VLAN connections use the MTU size configured on their related Ethernet link.
  3. From the 802.1x Authentication select Enable for each Ethernet link requiring 802.1x Authentication.
  4. Enter the EAP username used to authenticate each Ethernet link interfaces during the IEEE 802.1x EAPTLS authentication process..
  5. From the EAP Certificate Validation field, choose the IEEE 802.1x level of validation used by the device to authenticate the IEEE 802.1x EAPTLS peer's certificate.
  6. Click Apply if you do not need to set other parameters.
Result
The current status of the network interfaces is displayed in the Status page.

Top

Selecting the IEEE 802.1x Version

Steps
  1. Go to Network/Interfaces.
  2. In the EAP 802.1x Configuration table, select the IEEE 802.1x version.
  3. Click Apply if you do not need to set other parameters.
Result



Top

Advanced Network Interface Parameters

Although the services can be configured in great part in the Web browser, some aspects of the configuration can only be completed with the configuration parameters by :
  • using a MIB browser
  • using the CLI
  • creating a configuration script containing the configuration parameters
For more details on the following parameters, refer to DGW Configuration Guide - Reference Guide published on the Media5 documentation portal at https://documentation.media5corp.com/

Network Interfaces Priority

Refer to eth.networkInterfacesPriority

DHCP Client Identifier Presentation

Refer to bni.dhcpClientIdentifierPresentation

Ethernet Connection Speed

Refer to eth.portsSpeed

Top

VLAN

Basic VLAN Tasks

Creating a VLAN

Steps
  1. Go to Network/VLAN.
  2. In the VLAN Configuration table, from the Link selection list, select the Ethernet link the vlan will use.
  3. Complete the VlanId and the Default User Priority fields as required.
  4. Click located at the end of the newly created Vlan.
  5. Click Apply.
    Note: Do not forget to enable the VLan under Network/Interfaces

Top

Associating a VLAN to an Ethernet Link

Steps
  1. Go to Network/VLAN.
  2. From the Link selection list, select the Ethernet link the VLAN interface will use.
  3. In the VlanId field, set the VLAN ID used by the VLAN interface.
  4. In the VLAN configuration table, click +.
  5. Set the default user priority value.
  6. To create another VLAN, repeat steps 1 to 5.
  7. Click Apply.
Result
The Vlan will be associated with a physical interface i.e. an Ethernet Link.


Top

Configuring the Default User Priority on an Existing VLAN

Steps
  1. Go to Network/VLAN.
  2. Under the Default User Priority column, set the User Priority to the respective VLAN.
    Note: For specific services (Signaling, Voice, T.38) you can override the values above by setting specific service class values. Refer to Overriding the DiffServ and QoS Service Class Default Values.
  3. Click Apply.
Result
The value of the Default User Priority column will be applied to the existing VLAN.

Top

Configuring the Default User Priority on a New VLAN

Steps
  1. Go to Network/VLAN.
  2. Under the Link column, select the physical link to which you want to add a VLAN.
  3. Under the VlanId column, define the number of the VLAN you wish to create.
  4. Click + located on the right hand side of the screen.
  5. Under the Default User Priority column, set the User Priority for the respective VLAN.
    Note: For specific services (Signaling, Voice, T.38) you can override the above values by setting specific service class values. Refer to Overriding the DiffServ and QoS Service Class Default Values.
  6. Click Apply.
Result
The value of the Default User Priority column will be applied to the newly created VLAN.

Top

QoS

Basic QoS Concepts

Quality of Service (QoS)

QoS (Quality of Service) features enable network managers to decide on packet priority queuing.

DGW supports:
  • Differentiated Services (DS) Field (for IPv4)
  • Traffic Class Field (for IPv6)
  • 802.1Q taggings

Top

Differentiated Services (DS) Field (for IPv4 only)

Differentiated Services (DiffServ, or DS) is a protocol for specifying and controlling network traffic by class so that certain types of traffic (for example voice traffic which requires a relatively uninterrupted flow of data) might get precedence over other kinds of traffic.

DiffServ replaces the first bits in the ToS byte with a differentiated services code point (DSCP). It uses the existing IPv4 Type of Service byte. In DGW the entire ToS byte is currently configurable, thus the ToS decimal value is used. Please refer to:

For example, for a DSCP value of 46, the ToS value of 184 should be used. For DSCP and ToS mappings, please refer to the following table:
TOS (Dec) TOS (Hex) TOS (Bin) TOS Precedence (Bin) TOS Precedence (Dec) TOS Precedence Name TOS Delay flag TOS Throughput flag TOS Reliability flag DSCP (Bin) DSCP (Hex) DSCP (Dec) DSCP/PHB Class
0 0x00 00000000 000 0 Routine 0 0 0 000000 0x00 0 none
4 0x04 00000100 000 0 Routine 0 0 1 000001 0x01 1 none
8 0x08 00001000 000 0 Routine 0 1 0 000010 0x02 2 none
12 0x0C 00001100 000 0 Routine 0 1 1 000011 0x03 3 none
16 0x10 00010000 000 0 Routine 1 0 0 000100 0x04 4 none
32 0x20 00100000 001 1 Priority 0 0 0 001000 0x08 8 cs1
40 0x28 00101000 001 1 Priority 0 1 0 001010 0x0A 10 af11
48 0x30 00110000 001 1 Priority 1 0 0 001100 0x0C 12 af12
56 0x38 00111000 001 1 Priority 1 1 0 001110 0x0E 14 af13
64 0x40 01000000 010 2 Immediate 0 0 0 010000 0x10 16 cs2
72 0x48 01001000 010 2 Immediate 0 1 0 010010 0x12 18 af21
80 0x50 01010000 010 2 Immediate 1 0 0 010100 0x14 20 af22
88 0x58 01011000 010 2 Immediate 1 1 0 010110 0x16 22 af23
96 0x60 01100000 011 3 Flash 0 0 0 011000 0x18 24 cs3
104 0x68 01101000 011 3 Flash 0 1 0 011010 0x1A 26 af31
112 0x70 01110000 011 3 Flash 1 0 0 011100 0x1C 28 af32
120 0x78 01111000 011 3 Flash 1 1 0 011110 0x1E 30 af33
128 0x80 10000000 100 4 FlashOverride 0 0 0 100000 0x20 32 cs4
136 0x88 10001000 100 4 FlashOverride 0 1 0 100010 0x22 34 af41
144 0x90 10010000 100 4 FlashOverride 1 0 0 100100 0x24 36 af42
152 0x98 10011000 100 4 FlashOverride 1 1 0 100110 0x26 38 af43
160 0xA0 10100000 101 5 Critical 0 0 0 101000 0x28 40 cs5
176 0xB0 10110000 101 5 Critical 1 0 0 101100 0x2C 44 voice-admit
184 0xB8 10111000 101 5 Critical 1 1 0 101110 0x2E 46 ef
192 0xC0 11000000 110 6 InterNetwork Control 0 0 0 110000 0x30 48 cs6
224 0xE0 11100000 111 7 Network Control 0 0 0 111000 0x38 56 cs7

Top

Network Traffic Control

It is possible to apply bandwidth limitations to the network interfaces.

The limitations are applied on the raw data of the physical link and not only on the payload of the packets. All headers, checksums and control bits (TCP, IP, CRC, etc.) are considered in the actual bandwidth. A bandwidth limitation is applied on a physical link and not on a virtual network interface. All high-level network interfaces (including VLANs) using the same physical link are affected by a configured limitation. This limitation is applied to outgoing traffic only (egress). Bandwidth limitation is an average of the amount of data sent per second. Thus, it is normal that the unit sends a small burst of data after a period of silence.


Top

Basic QoS Tasks

Creating the Default Unit QoS

Before you begin
You must have a Network Interface created.
Steps
  1. Go to Network/QoS.
  2. In the Differentiated Services Field Configuration table, complete the fields as required, in order to define the default Differentiated Services value for all generated IPv4 packets and the default Traffic Class value for all generated IPv6 packets.
    IMPORTANT: For specific services (Signaling, Voice, T.38) above values can be overridden by setting the specific service class values. Refer to Overriding the DiffServ and QoS Service Class Default Values.
  3. Click Apply.
Result
The unit will apply the specified values as default values for all generated IPv4 and IPv6 packets respectively.

Top

Configuring the Default User Priority on Physical Links (802.1Q Tagging)

Context
The 802.1Q standard recommends the use of the 802.1Q VLAN tags for Ethernet frames traffic prioritisation. VLAN tags are 4-byte headers in which three bits are reserved for priority indication. The values of the priority bits shall be provisioned. The VLAN ID part of the 802.1Q tag is always set to 0.
Steps
  1. Go to Network/QoS.
  2. In the Ethernet 802.1Q Tagging Configuration table, select Enable for each interface on which you want to enable user priority tagging.
  3. Set the Default User Priority value each interface uses when tagging packets in the Default User Priority column.
    Note: For specific services (Signaling, Voice, T.38) you can override the values above by setting specific service class values. Refer to Overriding the DiffServ and QoS Service Class Default Values.
  4. Click Apply.
Result
The selected Default User Priority values will be applied to the Physical Links (VLAN ID = 0) for which the 802.1Q tagging is set to Enable.

Top

Overriding the DiffServ and QoS Service Class Default Values

Steps
  1. Go to Network/QoS.
  2. In the Service Class Configuration table, for each service class, set for IPv4 packets the DiffServ value or the Traffic Class value for IPv6 packets, .
  3. Set a specific User Priority for each class under the User Priority column.
  4. Click Apply.
  5. Click restart required services, located at the top of the page.
Result
The values set for the DiffServ or the Traffic Class parameters will override any value already specified for the service class (Signaling, Voice, T.38).

Top

Configuring Network Traffic Control

Before you begin
The Network Traffic Control (NTC) service must be enabled. Refer to Enabling the Network Traffic Control (NTC) Service.
Steps
  1. Go to Network/QoS.
  2. In the Network Traffic Control Configuration, set the Egress Limit field for the selected link interface.
    IMPORTANT:
    The range is from 64 to 1,000,000 kilobits per second. The value 0 means no bandwidth limitation and no prioritisation. This value must be set according to the upstream bandwidth limit of the network on this link. Set to 0 (disable) if the network bandwidth exceeds 1,000,000 kbps or the effective limit of this device. NTC service sends packets on the physical link according to their respective priorities. The lower the value, the higher the priority. Packets with lower priority are dropped first. The maximum value of the HiddenMaxEgressLimit is :
    • 1,000,000 kilobits on the Sentinel 400
    • 500,000 kilobits on the Sentinel 100, Mediatrix G7 series, and Mediatrix S7 series
    • 40,960 kilobits (5MB/s) on all other platforms
  3. Click Apply.
Result
The defined egress limit is applied on the respective ETH interface.

Top

Example

Default Unit QoS and Service Class Configuration for IPv4

Any IPv4 packet sent from the unit has the value applied in the Default DiffServ (IPv4) field of the Differentiated Services Field Configuration table under Network/QoS tab. This default value is overridden on what concerns the specific service classes defined under the same area and in the Service Class Configuration table.

In the following example, the ToS decimal value for the default egress IPv4 traffic is 120 (which corresponds to DSCP=30 or AF, Assured Forwarding), while for the Signaling service class, the DiffServ value is equal to 184 (DSCP=46 or EF, Expedited Forwarding)


When the unit generates a DNS query (which does not belong to the Signaling service class) the default unit IPv4 DiffServ value is applied (ToS=120 or DSCP=30), as shown in the trace below:


When the unit generates a SIP packet (which belongs to the Signaling service class) the Signaling-specific DiffServ value is applied (ToS=184 or DSCP=46)as shown in the trace below:



Top

Local Firewall

Basic Local Firewall Concepts

Local Firewall

The local firewall allows you to create and configure rules to filter incoming packets that have the Mediatrix unit as destination.

The Local Firewall is therefore a security feature that allows you to protect your Mediatrix unit from receiving packets from unwanted or unauthorized peers. As a best practice, the way the Local Firewall should work is to, by default, drop all incoming packets (i.e. not forward the packet to its destination) and let incoming packets go through only if they match a rule requirements. However, incoming packets for an IP communication established by the Mediatrix unit are always accepted (Example : If the Mediatrix unit sends a DNS request, the answer will be accepted).

When configuring the Local Firewall, enabling the default policy to drop all incoming packets should be the last step you perform otherwise, you may lose contact with the Mediatrix unit, even if you are performing the initial configuration of your system. Therefore, start by creating the rules that allow the Mediatrix unit to accept some packets. This way communication will not be lost and you will not need to perform a partial or factory reset to reconnect with the Mediatrix unit.

You can use a maximum of 20 rules, but the more rules are enabled, the more overall performance is affected.


Top

Firewall Rule Order - Important

The order in which the incoming packets are tested against the rules is important if you want to make sure that they actually have a filtering effect on incoming packets.

Rules can be configured to accept or to decline packets. But, always put the most restrictive rules first as they are executed sequentially starting with the first one listed at the top of the table i.e. make sure that the order in which the rules are executed does not cause a rule to be systematically excluded.

For example:
  • If the first rule excludes all packets coming from a specific net mask, providing a second rule for an IP address with that same net mask will have no effect.
  • If the first rule indicates actions to be taken for a specific IP address with a given net mask, and the second rule indicates to exclude all IP addresses with that net mask, both rules will be applied and have a result on the incoming packets.

Top

Basic Local Firewall Tasks

Configuring the Local Firewall

Before you begin
You must have a Network Interface created.
Steps
  1. Go to Network/Local Firewall.
  2. In the Local Firewall Rules table, complete the fields as required.
  3. In the Local Firewall Configuration table, from the Default Policy selection list, select Drop.
    IMPORTANT: Before setting the Default Policy to Drop, i.e. to apply the local firewall rules and to drop any incoming call that does not match a rule, review your rules to make sure that at least one rule accepts incoming packets for management, otherwise the communication with the Mediatrix Sentinel will be lost.
    Note: For example, if the Web interface is used for management (HTTP port 80) via the unit's LAN interface (default IP address = 192.168.0.10), then the following rule could be added:Activation=Enable / Destination Address=192.168.0.10 / Destination port=80 / Protocol=TCP / Action=Accept
    Note: For blacklisting to be used, at least one firewall rule must have the Black listing enable box checked.
    Note: Before setting the Default Policy to Drop, review your rules to make sure that at least one rule accepts incoming packets, otherwise the communication with the Mediatrix Sentinel will be lost.
  4. Click Save.
    Caution: Take the time to carefully review your rules before continuing to the next step.
  5. Click Save & Apply to apply all changes to the configuration.
  6. Click restart required services, located at the top of the page.
Result
The Local Firewall will drop packets without any notification message.

If a rule with the Black listing enable box checked matches a packet and no Rate Limit Value was set, then the source address of the packet will be black listed and all packets coming from this address will be blocked for the duration of the Blacklist Timeout.

If a rule with the Black listing enable box checked matches a packet and the Rate Limit Value has been reached, then the source address of the packet will be black listed and all packets coming from this address will be blocked for the duration set for the Blacklist Rate Limit Timeout.


Top

Disabling the Local Firewall

Before you begin
You must have a Network Interface created.
Steps
  1. Go to Network/Local Firewall.
  2. In the Local Firewall Configuration table, set the Default Policy to Accept.
  3. In the Local Firewall Rules table, from the Activation column, select Disable for all the rules.
  4. Click Save.
    Caution: Take the time to carefully review your rules before continuing to the next step.
  5. Click Save & Apply to apply all changes to the configuration.
  6. Click restart required services, located at the top of the page.
Result
All incoming packets will be accepted.

Top

Setting the No Match Local Firewall Default Policy

Steps
  1. Go to Network/Local Firewall.
    Note: Before setting the Default Policy to Drop, i.e. to apply the local firewall rules and to drop any incoming call that does not match a rule, review your rules to make sure that at least one rule accepts incoming packets, otherwise the communication with the Mediatrix Sentinel will be lost.
  2. In the Local Firewall Configuration table, set the Default Policy to Drop.
Result
The local firewall rules will be applied and if an incoming call does not match a call it will be dropped.

Top

Configuring Black Listing Duration

Steps
  1. Go to Network/Local Firewall.
  2. In the Local Firewall Configuration table, set the Blacklist Timeout
  3. Set the Blacklist Rate Limit Timeout.
  4. Click Save.
    Caution: Take the time to carefully review your rules before continuing to the next step.
  5. Click Save & Apply to apply all changes to the configuration.
  6. Click restart required services, located at the top of the page.
Result
Blacklisting parameters will be updated. Remember that for blacklisting to be used, at least one rule must have blacklisting enabled.

If a rule with the Black listing enable box checked matches a packet and no Rate Limit Value was set, then the source address of the packet will be black listed and all packets coming from this address will be blocked for the duration of the Blacklist Timeout.

If a rule with the Black listing enable box checked matches a packet and the Rate Limit Value has been reached, then the source address of the packet will be black listed and all packets coming from this address will be blocked for the duration set for the Blacklist Rate Limit Timeout.


Top

Local Firewall Examples

Generic Whitelist

All incoming calls are dropped unless they match one of the firewall rules which are acting on the incoming packets going towards the Mediatrix gateway.



Result:
Rule #
1 Any incoming packet from the LAN subnet having the unit's LAN host IP address as a destination is allowed.
2 Any incoming packet from the Uplink subnet is allowed (assuming this is a private network).
3 Any HTTP incoming packet from the selected IP address having the unit's Uplink IP address as a destination through TCP port 80 is allowed.
4 Any HTTPS incoming packets from the selected IP address having the unit's Uplink IP address as a destination through TCP port 443 is allowed, but rate limited to 10 new connection attempts per 60 sec.
5 Any SSH incoming packets from the selected subnet having the unit's Uplink IP address as a destination through TCP port 22 is allowed.
6 Any SIP incoming packets from the selected subnet having the unit's Uplink IP address as a destination through UDP port 5060 is allowed.
7 Any RTP and T.38 incoming packet from the selected subnet having the unit's Uplink IP address as a destination through UDP port range 5004-6020 is allowed.
Default All other incoming packets are rejected.

Top

Whitelist for Internet Hacker Protection

Simple Local Firewall rules to protect the unit from Internet hackers. All incoming calls are dropped unless they match one of the local firewall rules which are acting on the incoming traffic towards the Mediatrix gateway.



Result:
Rule # Description
1 Any incoming packet from the LAN subnet is allowed.
2 Any incoming packet from the Uplink subnet is allowed (assuming this is a private network).
3 Any incoming packet from selected IP address is allowed (e.g. this is the management server).
4 Any incoming packet from the selected subnet is allowed (e.g. this is the Core SIP server, SBC and its media gateways).
Default Any incoming packet not meeting the criteria of these rules is dropped.

Top

Generic Blacklist

The default policy is set to "Accept" but the firewall rules are Blacklists acting on incoming traffic towards the Mediatrix gateway:

Subnet example: 192.168.1.0/24
Result:
Rule # Description
1 Any incoming packet going to the Uplink interface through TCP port 22 (SSH) is dropped.
2 Any incoming packet coming from the specified subnet is dropped.
3 Any HTTP incoming packet coming from the specified IP address to the Uplink interface through TCP port 80 is dropped.
4 Any incoming packet from the specified subnet to the Lan1 interface is rejected, and an ICMP message is returned.
5 Any SIP incoming packets from the specified IP address to the Lan1 interface through UDP port 5060 is rate limited to 10 new connection attempts per 60 sec.
Default All other incoming packets are accepted.

Top

IP Routing

Basic IP Routing Concepts

Important Information About IP Routing

  • The Mediatrix unit’s IP Routing settings do not support IPv6.
  • A packet matching a route uses the custom routing table first and then the main routing table if no route in the custom routing table was able to send the packet to the desired destination IP address.
  • When creating an advanced IP routing Rule, leaving the Source Address or/and Source Link fields empty, indicate that any source of address or/and link will match the rule
  • IP Routing works together with the following services:
    • Network Firewall
    • NAT
    • DHCP server
    • Network Traffic Control
  • When the IP Routing service is started and the IPv4 Forwarding is enabled, IP routing is activated even if there is no configured rule (the Mediatrix unit will forward received packets). If the IP Routing service is stopped, IP forwarding is disabled, this tab is greyed out and the parameters are not displayed.
  • Enabling the IP routing service and adding rules has an impact on the Mediatrix unit’s overall performance as IP routing requires additional processing. The more rules are enabled, the more overall performance is affected.
    Note: Media5 recommends to use a 30 ms packetization time when IP routing is enabled (instead of a 20 ms ptime, for instance) in order to simultaneously use all the channels available on the unit.

Top

IP Routing Rule Order - Important

The IP routing rules sequence is very important because only one forwarding rule is applied on a packet. Rules priority is determined by their position in the Advanced IP Routes table. If you want the unit to try to match one rule before another one, you must put that rule first. Make sure to put the must restrictive rules before the less restrictive ones.

Top

Static IPv4 vs Advanced IP Routing

Network IP routing defines the routes for outgoing network traffic, where each route is associated with a network interface. The selection of which route a network packet should follow is generally based on the destination IP address criteria.

The Static IPv4 Routes are used to specify additional routes from the default ones automatically created by the configuration of the various network interfaces (see the BNI service).

The Advanced IP Routes are used only when IPv4 Forwarding is enabled, and allow to select a route, not just from the destination IP address, but also from the source IP address and interface criteria.


Top

Basic IP Routing Tasks

Enabling IPv4 Forwarding

Steps
  1. Go to Network/IP Routing.
  2. In the IP Routing configuration table, select Enable.
  3. Click Save.
Result
If IP Forwarding is disabled, the Advanced IP Routes table is greyed out.


Top

Creating an IP Routing Rule

Steps
  1. Go to Network/IP Routing.
  2. In the Advanced IP Routes table, click .
  3. Complete the fields as required.
    Note: Leaving the Source Address or/and Source Link fields empty, indicate that any source of address or/and link will match the rule
    Note: Do not forget to Enable the route.
    Note: The yellow Yes displayed at the top of the window indicates that the configuration has been modified but not applied (i.e., the Advanced IP Routes section of the Status page differs from the IP Routing page).
  4. Click Save & Apply
Result
The enabled rules are displayed under Network/ Status, in the Advanced IP Routes section, The yellow Config Modified Yes flag is cleared.


Top

Creating a Static IPv4 Route

Steps
  1. Go to Network/IP Routing.
  2. In the Static IP Routes table, click .
  3. Complete the fields as required.
    Note: When the Link field is left empty, the link is automatically selected according to the gateway IP address and the information already present in the routing table.
  4. Click Save & Apply
Result


The current routes available are displayed in the Network/Status under the IP4 Routes IPv4 Routes table.


Top

Advanced IP Routing Parameters

Although the services can be configured in great part in the Web browser, some aspects of the configuration can only be completed with the configuration parameters by :
  • using a MIB browser
  • using the CLI
  • creating a configuration script containing the configuration parameters
For more details on advanced parameters, refer to the DGW Configuration Guide - Reference Guide published on the Media5 documentation portal at https://documentation.media5corp.com/
  • To define whether or not the Classless Static Route Option is enabled: Bni.DhcpClientClasslessStaticRouteOption
  • To define a list of user classes: Bni.DhcpClientUserClass

Top

Top

Network Firewall

Basic Network Firewall Concepts

Network Firewall

The Network firewall allows you to dynamically create and configure rules to filter incoming packets forwarded by the Mediatrix unit among its network interfaces, when the unit is used as a router. Its main functionality is to secure the traffic routed from and to the devices inside the local network.

Since this is a network firewall, rules only apply to incoming packets forwarded by the unit. The traffic is analyzed and filtered by all the rules configured. If no rule matches the incoming packet, the default policy is applied. A rule's priority is determined by its index in the table. Rules using Network Names are automatically updated as the associated IP addresses and network mask are modified. If the Network Firewall service is stopped, all forwarded traffic is accepted, this tab is greyed out and the parameters are not displayed.

Of course, the more rules are enabled, the more overall performance is affected. You can use a maximum of 20 rules.


Top

Firewall Rule Order - Important

The order in which the incoming packets are tested against the rules is important if you want to make sure that they actually have a filtering effect on incoming packets.

Rules can be configured to accept or to decline packets. But, always put the most restrictive rules first as they are executed sequentially starting with the first one listed at the top of the table i.e. make sure that the order in which the rules are executed does not cause a rule to be systematically excluded.

For example:
  • If the first rule excludes all packets coming from a specific net mask, providing a second rule for an IP address with that same net mask will have no effect.
  • If the first rule indicates actions to be taken for a specific IP address with a given net mask, and the second rule indicates to exclude all IP addresses with that net mask, both rules will be applied and have a result on the incoming packets.

Top

Basic Network Firewall Tasks


Top

Disabling the Network Firewall

Before you begin
You must have a Network Interface created.
Steps
  1. Go to Network/Network Firewall.
  2. In the Network Firewall Configuration table, set the Default Policy to Accept.
  3. In the Network Firewall Rules table, from the Activation column, select Disable for all the rules.
  4. Click Save.
    Caution: Take the time to carefully review your rules before continuing to the next step.
  5. Click Save & Apply to apply all changes to the configuration.
Result
All incoming packets will be accepted.

Top

Configuring Black Listing Duration

Steps
  1. Go to Network/Network Firewall.
  2. In the Network Firewall Configuration table, set the Blacklist Timeout
  3. Set the Blacklist Rate Limit Timeout.
  4. Click Save.
    Caution: Take the time to carefully review your rules before continuing to the next step.
  5. Click Save & Apply to apply all changes to the configuration.
  6. Click restart required services, located at the top of the page.
Result
Blacklisting parameters will be updated. Remember that for blacklisting to be used, at least one rule must have blacklisting enabled.

If a rule with the Black listing enable box checked matches a packet and no Rate Limit Value was set, then the source address of the packet will be black listed and all packets coming from this address will be blocked for the duration of the Blacklist Timeout.

If a rule with the Black listing enable box checked matches a packet and the Rate Limit Value has been reached, then the source address of the packet will be black listed and all packets coming from this address will be blocked for the duration set for the Blacklist Rate Limit Timeout.


Top

Firewall Port Opening Example

This generic example shows how to allow remote clients to communicate with the IP office located at the LAN side of the Mediatrix unit.

In this example:
  • The default policy is Drop, meaning that any packet that does not match the network firewall rules configured in the Network Firewall Configuration table will be dropped.
  • To use the network firewall, IPv4 Forwarding (under IP Routing" tab), must be enabled. Without the forwarding, the network firewall is irrelevant because no packet will get passed from Uplink to LAN.


Table 1.
Rule
1 All packets matching an existing connexion are accepted.
2 All packets coming through UDP are accepted.
3 New packets coming from the IP address 1 and port 1 with a destination to IP address 9 and port 7 through TCP, will be allowed.
4 New packets coming from Subnet 2 and port 2 with a destination to Subnet 10 and port 8 through TCP, will be allowed.
5 New packets coming from the IP address 3 and port 3 with a destination to IP address 11 with any port through TCP, will be allowed.
6 New packets coming from the Subnet 4 and port 4 with a destination to Subnet 12 with any port through TCP, will be allowed.
7 Any packet coming from IP address 5 and port 5 to any destination and port through TCP, will be allowed.
8 Any packet coming from Subnet 6 and port 6 to any destination and port through TCP, will be allowed.
9 This rule will not be applied as it is disabled.
10 Any packet coming from Subnet 8 and any port to any destination and port through TCP, will be allowed.
Default Packets are dropped.

Top

NAT

Basic Concepts

Network Address Translation (NAT)

Network Address Translation (NAT, also known as network masquerading or IP masquerading) rewrites the source and/or destination addresses/ports of IP packets as they pass through a router or firewall. It is most commonly used to connect multiple computers to the Internet (or any other IP network) by using one IP address. This allows home users and small businesses to cheaply and efficiently connect their network to the Internet.

The basic purpose of NAT is to multiplex traffic from the internal network and present it to the Internet as if it was coming from a single computer having only one IP address. The Mediatrix unit’s NAT service allows the dynamic creation and configuration of network address translation rules. Depending on some criteria, the packet matching the rule may see its source or destination address modified.

There are two types of NAT rules:
  • Source rules: They are applied on the source address of outgoing packets.
  • Destination rules: They are applied on the destination address of incoming packets.
A rule's priority is determined by its index in the Source NAT or Destination NAT tables (Network/NAT). If the NAT service is stopped, this tab is greyed out and the parameters are not displayed.
The maximum number of rules allowed in the configuration is 10 of each Source NAT and Destination NAT.
Note: Adding source or destination NAT rules has an impact on the Mediatrix unit’s overall performance as the NAT requires additional processing. The more rules are enabled, the more overall performance is affected. Furthermore, Media5 recommends to use a 30 ms packetization time when the NAT is enabled (instead of a 20 ms ptime, for instance) in order to simultaneously use all the channels available on the unit.
Note: The Mediatrix unit NAT service does not support IPv6

Top

Understanding Network Address Translation Rules

A NAT rule specifies a set of matching conditions for network packets.

Each rule can use one or more of the following criteria:
  • Source Address
  • Destination Address
  • Protocol (All, TCP, UDP or ICMP).
If the protocol is set to TCP or UDP, the following criteria can also be used:
  • Source Port
  • Destination Port
When all the criteria of a rule match, the NAT will modify the packet to use the New Address field, either for theSource Address or the Destination Address, according to the type of NAT for which the rule is applied.

Top

NAT Rule Order - Important

The NAT rules are applied on a first match basis, in the order they appear in the configuration.

Because the first match is applied, you must ensure that specific rules come before more general rules, or the specific rules might not be applied as desired.


Top

Destination or Source IP Address Format

IP Addresses can take the form of:
  • An empty string, meaning that the rule will match any IP address
  • An IP address, for example 192.168.0.11
  • A network address, for example 192.168.1.0/24, which corresponds to all IP addresses in the range 192.168.1.0 to 192.168.1.255
It is also possible to use the name of a network interface to represent either the current IP address or network of that interface.
  • Specifying the interface name without a trailing slash represents the IP address
  • The same name with the trailing slash represents the network.
    Note: This is case sensitive (the first letter must be uppercase)
For example, if your lan interface is configured as 192.168.0.10/24
  • Lan1 will be replaced by the current IP address of the lan interface, 192.168.0.10
  • Lan1/ will be replaced with the network of the lan interface, /24, meaning the range from 192.168.0.0 to 192.168.0.255.

If the specified interface is disabled or removed, the rule is automatically disabled thus removed from the NAT. When the network interface is enabled or added back, the rule is automatically enabled and applied in the NAT.


Top

Source or Destination Port Format

Ports can take the form of either:
  • An empty string, meaning that the rule will match any port
  • Single port, for example for a web server: 80
  • A range of ports, for example to forward RTP: 5004-5099

Top

Interaction of NAT rules with the Firewall Service

When using the Network Firewall service, it is important to configure it with respect to the Destination NAT rules because:

  • Source NAT (SNAT) rules are executed after the routing decision, before the packet leaves the unit.
  • Destination NAT (DNAT) rules are executed before the routing decision, as the packet enters the unit.

An example of this would be port forwarding where the DNAT changes the routed address of a packet to a new IP address/port. The Network Firewall must also accept connection to this IP/port in order for the port forwarding to work.


Top

Basic Tasks

Starting/Stopping/Restarting the NAT Service Using the DGW Web Page

Steps
  1. Go to System/Services.
  2. In the User Service table, on the line of the NAT service set the Startup Type selection list to Auto.
  3. Then,
    • click if you wish to start the service, or
    • click to restart the service.
    • click to stop the service.
    Note: When stopping or restarting a service, some interruptions might occur, such as dropped calls, virtual machine shutdown or loss of network connectivity, depending on the affected services and/or its dependencies.
  4. Click Apply.
Result
The status of the service (in the Status column) changes following the executed service command.
  • If you clicked , the tab from which you can access the service from the Web pages are greyed out
  • If you clicked , the tab from which you can access the service from the Web pages are no longer greyed out.

Top

Creating a Source NAT Rule

Before you begin
IPv4 forwarding must be enabled under Network/IP Routing.
Steps
  1. Go to Network/NAT.
  2. In the Source Network Address Translation Rules, click
    Note: To add a rule before an existing entry, locate the proper row in the table and click the button of this row. To add a rule at the end of the existing rows, click the button at the bottom right of the section.
    Note: The yellow Yes in the Config Modified section at the top of the window indicates that the configuration has been modified but not applied (i.e., the Network Address Translation section of the Status page differs from the NAT page).
  3. Complete the fields as required.
  4. Click Apply.
Result
The applied enabled rules are displayed in the Network/Status/Network Address Translation section, which contains the active configuration in the NAT. The yellow Config Modified Yes flag is cleared.

Top

Creating a Destination NAT Rule

Steps
  1. Go to Network/NAT.
  2. In the Destination Network Address Translation Rules, click
    Note: To add a rule before an existing entry, locate the proper row in the table and click the button of this row. To add a rule at the end of the existing rows, click the button at the bottom right of the section.
    Note: The yellow Yes in the Config Modified section at the top of the window indicates that the configuration has been modified but not applied (i.e., the Network Address Translation section of the Status page differs from the NAT page).
  3. Complete the fields as required.
  4. Click Apply.
Result
The applied enabled rules are displayed in the Network/Status/Network Address Translation section, which contains the active configuration in the NAT. The yellow Config Modified Yes flag is cleared.

Top

NAT Rule Examples

Creating a Source NAT Rule to Forward the Lan to the Uplink Network Interface

Steps
  1. Go to Network/NAT.
  2. In the Source Network Address Translation Rules, click .
  3. From the Activation selection list, click Enable.
  4. In the Source Address field, enter Lan1/.
  5. From the Protocol selection list, choose All.
  6. In the New Address field, enter Uplink.
  7. Click Save & Apply.
Result



Top

DHCP Server

Basic Concepts

DHCP Service

The DHCP service allows the Mediatrix unit to act as a DHCP server. The Mediatrix will be able to allocate a range of IP addresses to use on a network, reserve, and distribute the IP addresses and network configuration parameters for specific devices using the MAC address as unique identifier for each device.


Top

DHCP Server

The Mediatrix unit contains an embedded DHCP server that allocates IP addresses and provides leases to the various subnets that are configured

These subnets could have PCs or other IP devices connected to the unit’s LAN Ethernet connectors. These devices could be any combination of switches, PCs, IP phones, etc. If the DHCP service is stopped (which is the default configuration), the DHCP Server tab is greyed out and the parameters are not displayed.

IMPORTANT: There can only be one subnet per Network Interface.

Top

Default vs Specific DHCP Server Configurations

You can use two types of configuration:
  • Default configurations that apply to each subnet of all network interfaces of the Mediatrix unit
  • Specific configurations that override the default configurations. You can define specific configurations for each subnet in your Mediatrix unit. For instance, you could define a lease time for all the subnets of the Mediatrix unit and use the specific configuration parameters to set a different value for one specific subnet.
The parameters available differ according to the subnet you have selected. The Default subnet has less parameters than the specific subnets available on the Mediatrix unit.
IMPORTANT: There can only be one subnet per Network Interface.

Top

Available Configuration Sources

A parameter’s configuration source can be toggled. Here are the possible configuration sources:

Static Parameter is defined as a static parameter locally
Automatic Parameter is obtained from the Uplink network via DHCP or IPCP (PPPoE)
HostConfiguration Parameter is obtained from the HOC Service
HostInterface Parameter is obtained from network interface matching the subnet

Top

Parameters Configuration Sources

The following table lists the configuration parameters and their available configuration sources:

Parameter name Configuration sources
Static Automatic HostConfiguration HostInterface
Domain name X X
Lease time X
Default router X X
List of DNS servers X X X
List of NTP servers X X X
List of NBNS servers X

Top

Subnet Server

The DHCP server manages hosts’ network configuration on a given subnet. Each subnet can be seen as having a distinct DHCP server managing it, which is called a subnet server.

To activate a subnet server for a given network interface, the name of that network interface and the name of the subnet must match, the subnet enable option must be enabled and the configuration of the subnet must be valid. Only one subnet can be defined per network interface.

The network interface can be a physical interface or a logical interface (ex: sub-interface using VLAN). The subnet server status is updated dynamically according to many parameters.

Note: The subnet configuration is invalid when the range of the start or end addresses is out of the network interface's CIDR range, or both parameters are incompatible.

Top

Sending Configuration Parameters to a Client

When an address is leased to a host, several network configuration parameters are sent to that host at the same time according to the options found in the DHCP request. Parameters are set to default at subnet creation time. A parameter can be defined with a subnet specific configuration.

The subnet server will not send a parameter with an empty value. This means that if a client requests a domain name and the subnet server domain name parameter contains an empty field, the subnet server will not add the domain name option in the DHCP response.


Top

Lease Assignment

In order to assign leases, the subnet server draws from an IP address pool (or subnet scope) defined by a start address and an end address. The subnet mask assigned to hosts is taken directly from the network interface. All hosts on the same subnet share the same configuration. The maximum number of supported hosts on a subnet is 254.

Specific IP addresses (static leases), designated by their MAC address, can be defined as reserved for specific hosts.

The subnet server will always assign leases within the IP address pool with an exception for static leases. When a static lease is defined for the host requesting an address, this lease will be assigned to the host if the IP address is within the subnet range even if the address is not within the IP address pool.


Top

DHCP Server Configuration Options

  • Lease Time (Option 51): The Mediatrix unit DHCP server offers a lease time to its subnets. You can use a default lease time for all subnets or define a lease time specific to one or more subnets.
  • Domain Name (Option 15): The Mediatrix unit DHCP server offers a domain name to its subnets. You can use a default domain name for all subnets or define a domain name specific to one or more subnets.
  • Default Gateway (Option 3): The Mediatrix unit DHCP server offers a default gateway (also called default router) to its subnets.
    Note: The default gateway parameters are not available in the Default interface. You must access the specific subnets configuration to set its parameters.
  • DNS (Option 6): The Mediatrix unit DHCP server offers up to four DNS addresses to its subnets. You can use the default DNS addresses for all subnets or define static DNS addresses specific to one or more subnets.
  • NTP (Option 42): The Mediatrix unit DHCP server offers the addresses of up to four NTP (Network Time Protocol) servers to its subnets. You can use the default NTP addresses for all subnets or define static NTP IP addresses specific to one or more subnets.
  • NBNS (Option 44):The NetBIOS Name Server (NBNS) protocol, also called Windows Internet Name Service (WINS) can be configured through this option. This is only needed if you need file sharing on old Windows 95/98/Me/NT PCs. The Mediatrix unit DHCP server offers up to four NBNS addresses to its subnets. You can use the default NBNS addresses for all subnets or define static NBNS addresses specific to one or more subnets.
  • Server Name (Option 66): The Mediatrix unit DHCP server offers a server name to its subnets. You can use a default server name for all subnets or define a server name specific to one or more
  • Bootfile Name (Option 67): The Mediatrix unit DHCP server offers a Bootfile name to its subnets. You can use a default Bootfile name for all subnets or define a Bootfile name specific to one or more.

Top

Basic DHCP Tasks

Configuring the LAN1 DHCP Server Subnet

Before you begin
Make sure the DHCP service is started (System/Services/User Service) otherwise the DHCP Server tab will be greyed.
Context
Although the parameters of these steps can be configured differently, the values suggested will work for almost every scenario.
Steps
  1. Go to Network/DHCP Server.
  2. In the Select Subnet drop down menu located at the top of the page, select Lan1.
  3. In the DHCP Server Configuration table, set the DHCP Server Enable to Enable.
  4. In the Start IP Address and End IP Address fields, indicate the IP range to use
  5. Set Automatic Configuration Interface to Uplink.
  6. Complete the fields of the Lease Time (Option 51) section. Make sure to set the
    • Subnet Specific selection list to Yes
  7. Complete the fields of the Domain Name (Option 15) section. Make sure to set the
    • Enable Option selection list to Enable
    • Subnet Specific selection list to Yes
    • Configuration Source selection list to Static
  8. Complete the fields of the Default Gateway (Option 3) section. Make sure to set the
    • Enable Option selection list to Enable
    • Configuration Source selection list to Host Interface.
  9. Complete the fields of the DNS (Option 6) section. Make sure to set the
    • Enable Option selection list to Enable
    • Subnet Specific selection list to Yes
    • Configuration Source selection list to Static
  10. Complete the fields of the NTP (Option 42) section. Make sure to set the
    • Enable Option selection list to Enable
    • Subnet Specific selection list to Yes
    • Configuration Source selection list to Static
  11. Complete the fields of the NBNS (Option 44) section. Make sure to set the
    • Enable Option selection list to Enable
    • Subnet Specific selection list to Yes
  12. Do not enable Option 66 or 67.
  13. Click Apply.

Top

Advanced DHCP Tasks

Creating A VLAN DHCP Server Subnet

Before you begin
If you are not using a secure connection, Activate unsecure script transfers and execution through web browser to be able to execute script via the Web browser. To enable a VLAN in the DHCP server, make sure the VLAN is configured in the Network/VLAN tab and has an IP address configured in Network/Interfaces.
Steps
  1. Go to Management/Configuration Scripts/Execute.
    Note: the following step is crucial to make sure the subnet is available in the Select Subnet field under Network/DHCP Server.
  2. In the Execute Inline Script field enter Dhcp.AddSubnet Network=Vlan10.
  3. Click Execute.
Result


The Vlan10 subnet will be available for configuration from the Select Subnet field under Network/DHCP Server.

Top

Adding a Static Lease Using the DGW Web Interface

Before you begin
If you are not using a secure connection, Activate unsecure script transfers and execution through web browser to be able to execute script via the Web browser.
Steps
  1. Go to Management/Configuration Scripts/Execute.
  2. To add a Static Lease, in the Execute Inline Script field enter the Dhcp.AddStatic Lease with the Mac address of the device and its desired static IP address. For example, Dhcp.AddStaticLease MacAddress=0090f8000000 IpAddress=192.168.0.9.
    Note: To delete a static lease, use the Delete operation on the Dhcp.StaticLeases table. For example:Dhcp.StaticLeases[MacAddress=0090f8000000].Delete=Delete
  3. Click Execute.
Result
The Vlan10 subnet will be available for configuration from the Select Subnet field under Network/DHCP Server. Adding a static lease can also be done via the command-line interface via SSH. To list all static leases, execute the Dhcp.StaticLeases command (only available by SSH): Global>Dhcp.StaticLeases

Top

Configuring the DHCP Server Subnet Lease Time (Option 51)

Before you begin
Make sure the DHCP service is started (System/Services/User Service) otherwise the DHCP Server tab will be greyed.
Steps
  1. Go to Network/DHCP Server.
  2. From the Select Subnet selection list, choose the subnet requiring Option 51 configuration.
  3. In the DHCP Server Configuration table, make sure the DHCP Server Enable selection list is set to Enable.
  4. Under the Lease Time (Option 51) section, from the Subnet Specific selection list, choose
    • No to use the default lease time
    • Yes to override the default lease time.
  5. If you chose Yes, complete the Lease Time field.

  6. Click Apply.

Top

Configuring the DHCP Server Domain Name Parameters (Option 15)

Before you begin
Make sure the DHCP service is started (System/Services/User Service) otherwise the DHCP Server tab will be greyed.
Steps
  1. Go to Network/DHCP Server.
  2. From the Select Subnet selection list, choose the subnet requiring Option 15 configuration.
  3. In the DHCP Server Configuration table, make sure the DHCP Server Enable selection list is set to Enable.
  4. Under the Domain Name (Option 15) section, from the Enable Option selection list, choose
    • Disable to use the default domain name
    • Enable to override the default domain name.
  5. If you chose Enable, complete the fields as required.
  6. Click Apply.

Top

Configuring the DHCP Server Default Gateway (Option 3)

Before you begin
Make sure the DHCP service is started (System/Services/User Service) otherwise the DHCP Server tab will be greyed.
Steps
  1. Go to Network/DHCP Server.
  2. From the Select Subnet selection list, choose the subnet requiring Option 3 configuration.
  3. In the DHCP Server Configuration table, make sure the DHCP Server Enable selection list is set to Enable.
    Note: The default gateway parameters are not available in the Default interface. You must access the specific subnets configuration to set the parameters.
  4. Under the Default Gateway (Option 3) section, from the Enable Option selection list, choose
    • Disable to use the default router
    • Enable to override the default router.
  5. If you chose Enable, complete the fields as required.
  6. Click Apply.

Top

Configuring the DHCP Server DNS Parameters (Option 6)

Before you begin
Make sure the DHCP service is started (System/Services/User Service) otherwise the DHCP Server tab will be greyed.
Steps
  1. Go to Network/DHCP Server.
  2. From the Select Subnet selection list, choose the subnet requiring Option 6 configuration.
  3. In the DHCP Server Configuration table, make sure the DHCP Server Enable selection list is set to Enable.
  4. Under the DNS (Option 6) section, from the Enable Option selection list, choose
    • Disable to use the default DNS address
    • Enable to override the default router.
  5. If you chose Enable, complete the fields as required.
  6. Click Apply.

Top

Configuring the DHCP Server NTP Parameters (Option 42)

Before you begin
Make sure the DHCP service is started (System/Services/User Service) otherwise the DHCP Server tab will be greyed.
Steps
  1. Go to Network/DHCP Server.
  2. From the Select Subnet selection list, choose the subnet requiring Option 42 configuration.
  3. In the DHCP Server Configuration table, make sure the DHCP Server Enable selection list is set to Enable.
  4. Under the NTP (Option 42) section, from the Enable Option selection list, choose
    • Disable to use the default NTP servers
    • Enable to override the NTP servers.
  5. If you chose Enable, complete the fields as required.
  6. Click Apply.

Top

Configuring the DHCP Server NBNS (Option 44)

Before you begin
Make sure the DHCP service is started (System/Services/User Service) otherwise the DHCP Server tab will be greyed.
Steps
  1. Go to Network/DHCP Server.
  2. From the Select Subnet selection list, choose the subnet requiring Option 51 configuration.
  3. In the DHCP Server Configuration table, make sure the DHCP Server Enable selection list is set to Enable.
  4. Under the NBNS (Option 44) section, make sure the Enable Option is set to Enable
  5. from the Subnet Specific selection list, choose
    • No to use the default configuration,
    • Yes to override the specific configuration as defined in the following parameters: SpecificNbnsServers.StaticNbns1 , SpecificNbnsServers.StaticNbns2 , SpecificNbnsServers.StaticNbns3 , and SpecificNbnsServers.StaticNbns4.
  6. If you chose Yes, complete the fields as required.
  7. Click Apply.

Top

Configuring the DHCP Server Name Parameters (Option 66)

Before you begin
Make sure the DHCP service is started (System/Services/User Service) otherwise the DHCP Server tab will be greyed. To use specific files, you must know their name, their path and your server must be accessible by the unit.
Steps
  1. Go to Network/DHCP Server.
  2. From the Select Subnet selection list, choose the subnet requiring Option 66 configuration.
  3. In the DHCP Server Configuration table, make sure the DHCP Server Enable selection list is set to Enable.
  4. Under the Server Name (Option 66) make sure the Enable Option is set to Enable,
  5. From the Subnet Specific selection list, choose
    • No to use the default server name
    • Yes to override the default server name.
  6. If you chose Yes, complete the fields as required.
  7. Click Apply.

Top

Configuring the DHCP Server Bootfile Parameters (Option 67)

Before you begin
Make sure the DHCP service is started (System/Services/User Service) otherwise the DHCP Server tab will be greyed. To use specific files, you must know their name, their path and your server must be accessible by the unit.
Steps
  1. Go to Network/DHCP Server.
  2. From the Select Subnet selection list, choose the subnet requiring Option 67 configuration.
  3. In the DHCP Server Configuration table, make sure the DHCP Server Enable selection list is set to Enable.
  4. Under the Bootfile Name (Option 67) section, from the Enable Option selection list, choose Enable to override the default DHCP Server Bootfile Name.
  5. From the Subnet Specific selection list, choose
    • No to use the default configuration.
    • Yes to override the default configuration.
  6. If you chose Yes, complete the Bootfile Name field.
  7. Click Apply.

Top

SIP Proxy

Configuring the SipProxy Service

Steps
  1. Go to SIP Proxy/Configuration.
  2. In the Monitoring section of the Configuration table, in the Interval field, enter the interval at which monitoring requests are sent to verify the SIP server status, in seconds.
  3. In the Toggle Delay field, enter the delay before reporting a status change of the monitored destination, in seconds.
  4. In the Destination field, enter the server IP address or FQDN to monitor.
    Note: In most cases, this will be the Registrar Host.
  5. In the Keep Alive Error Code field, list the response codes (comma-seperated) that indicate that the server is down.
    Note: To detect that the server is down, use the error codes the server will return when it is not available. This will be much faster than using the timeout.
  6. In the Outbound Proxy Host field, if required by your SIP provider, enter the IP address or FQDN of their outbound proxy.
    Note: This parameter was added in firmware version 45.3 for TCP and TLS transports only. UDP will be supported in a later release.
  7. Click Apply to apply all changes to the configuration.
  8. Located at the top of the page, click restart required services.
Result



Top

SBC

Sentinel on the LAN

The Sentinel 100 or 400 is designed to fit different network roles and topologies. It can be deployed inside a LAN behind a NAT firewall.



In this scenario, the Sentinel is usually configured as follows:

  • Private (local) IP assigned to LAN port, Internal SIP clients (e.g. IP phones and IP PBX) also on the same LAN network.
  • The Uplink Network interface is associated with the Wan/Eth1 physical link.
  • The Lan1 Network interface is associated with the LAN/Eth2-5 physical link.
  • The LAN signaling and media interfaces are not used.
  • A signaling and media interface (pbx_s and pbx_m) wil be created to avoid port conflicts when configuring the Call agents. They will be assigned associated to the LAN/Eth2-5 network interface
  • Local firewall rules created to protect the SBC from outside attack (to complement the Edge NAT firewall router, optional). For more details refer to the Configuring Local Firewalls Configuration guide published on the Media5 documentation portal at https://documentation.media5corp.com
  • Port forwarding for SIP and RTP ports set up on the edge NAT firewall router
  • SBC SIP near end NAT traversal is configured
  • SBC rules to process VoIP calls

Top

Sentinel on the Edge

The Sentinel 100 or 400 is designed to fit different network roles and topologies. It can be deployed on the network Edge, with a public IP address and firewall enabled.



The Sentinel located on the Edge is usually configured as follows:


Top

Configuration

Basic SBC Configuration Concepts

Call Agents

Call Agents represent logical end-points that connect the Mediatrix unit to peers.

For security reasons, the Mediatrix unit communicates by default only with well-known and defined peers. When a request cannot be associated with a Call Agent, it is rejected. Each Call Agent is tied to a specific peer, ensuring all inbound and outbound communications with that peer. Routing rulesets are used to route SIP signaling between Call Agents, where inbound requests from a Call Agent are sent to another (or the same) Call Agent that will send an outbound request to it's related peer. Call Agents can be associated with one or several Rulesets which can be applied to the inbound or the outbound requests.

When there is an inbound request, to determine the Call Agent the inbound request will go through, the Mediatrix unit uses the destination IP address to choose the Network interface. Then the destination port of the inbound request will determine the Signaling or Media Interface used. Finally, the source address and the source port, will allow the Mediatrix unit to direct the request to the appropriate Call Agent. At this point any Rulesets associated with the Call Agent will be applied in order of priority.



When a request is sent out, i.e. there is an outbound request, the Routing Rulesets will determine which Call Agent will be used. Then the Call Agent Rulesets will be applied to the outbound request, in reverse priority order. The outbound request will then be sent through the Signaling and Media Interface associated with the Call Agent. If the public IP address is used, then the SIP request will use this address as the source IP address. The outbound request will then be sent to the peer address of the Call Agent or according to the routing Ruleset if the peer is a Network.



In addition, a Call Agent tracks REGISTER requests or monitor the peer host using SIP options. When these features are activated, the Call Agent registration state and monitoring state are updated allowing a Routing Ruleset to select another Call Agent based on the state of a primary Call Agent.

Eight default types of Call Agents were created for Mediatrix unit. This should be enough to cover all your needs. However, for advanced users, it is possible to create new Call Agents.

Seven of the eight default Call Agents allow the Mediatrix unit to communicate with seven different types of end-points.

Call Agent Name SIP or Endpoint Peer
wan_ip_trunk_ca SIP server located on the WAN.
trunk_lines_ca Public Switch Telephony Network (PSTN), through PRI, BRI or FXO ports.
phone_lines_ca Telephones, through FXS ports.
lan_ip_pbx_ca IP Private branch exchange (PBX) located on the LAN.
local_users_ca Users via SIP telephony located on the LAN.
remote_users_ca Users using SIP telephony located on the WAN.
registration_ca Used to route the registrations issued by the Registration Agent.
secondary_ip_trunk_ca SIP server if the wan_ip_trunk_ca Call Agent is not available.


Top

phone_lines_ca Call Agent

The phone_lines_ca Call Agent is used to route calls via an FXS port of the Mediatrix unit.

Typically it will route calls to and from analog phones and faxes within the enterprise premises. This Call Agent will be used for example when a call is routed from one colleague to another using analog phones connected on the FXS ports of the Mediatrix unit. In such a scenario, the call does not go through the LAN network nor the Internet. Since by default this Call Agent uses the loop_m Media Interface to route the media, the media_relay Ruleset is usually associated with this Call Agent.



The phone_lines_ca Call Agent is associated with the phone_lines_gw gateway of the SipEp service. By default, each FXS port sends a REGISTER by the phone_lines_ca Call Agent. Therefore, the administrator must make sure to route these REGISTERs to a server, or to disable them in the SipEp service. If needed, FXS ports can be configured in the Pots service.




Top

trunk_lines_ca Call Agent

The trunk_lines_ca Call Agent is used to route calls to the Public Switch Telephony Network (PSTN) or a enterprise's existent PBX through the PRI, BRI or FXO ports of the unit.

Calls made outside the enterprise premises to telecommunication service providers or calls made within the enterprise through a PBX will typically be routed through this Call Agent. Since by default this Call Agent uses the loop_m Media Interface to route the media, the media_relay Ruleset is usually associated with this Call Agent.

If there are no PRI, BRI or FXO card on the unit, calls through trunk lines can also be routed by the wan_ip_trunk_ca or secondary_ip_trunk_ca Call Agent, provided there is an analog or digital gateway to convert the VoIP call to an analog or digital call, or vice versa.



Further more, the trunk_lines_ca Call Agent is associated with the trunk_lines_gw of the SipEp service. FXO/PRI/BRI ports will need to be configured in either the Pots, Isdn, R2 or Eam services for the calls to be routed properly.




Top

local_users_ca Call Agent

The local_users_ca Call Agent is used to route calls from and to local users, i.e. located in the LAN, via VoIP calls.

For the call to use this Call Agent, the endpoint must belong to the company and use the company's system. This Call Agent is often used as a regrouping point of all local endpoints to be routed to a PBX or Trunk lines. For instance, if you are a Media5 corporation employee, with a cell phone using the Media5 fone application and the entreprise IP-PBX, then your call will be routed through the local_users_ca Call Agent. If an internal employee is using an analog phone, the call can also be routed through this Call Agent provided the call goes first through a gateway to convert the analog call into a VoIP call.




Top

remote_users_ca Call Agent

The remote_users_ca Call Agent is used to route calls from users working out the office and using VoIP calls through an external network or Internet.

Calls are routed through a WAN then to the Mediatrix unit via the remote_users_ca Call Agent.




Top

lan_ip_pbx_ca Call Agent

The lan_ip_pbx_ca Call Agent routes calls to and from an IP PBX located in the LAN. The IP PBX manages all internal communications between different SIP clients (soft phones or SIP gateways).

This Call Agent is usually used to link a local PBX with an external trunk (IP or PSTN).




Top

wan_ip_trunk_ca Call Agent

The wan_ip_trunk_ca Call Agent is used to route VoIP calls.

Calls are routed from or to the main SIP server or provider located in the WAN. Typical peers for this Call Agent are the head office of the enterprise, an Internet telephony service provider (ITSP) or an IP Multimedia Core Network Subsystem (IMS).




Top

secondary_ip_trunk_ca Call Agent

The secondary_ip_trunk_caCall Agent is used to route VoIP calls.

This Call Agent is identical to the wan_ip_trunk_ca Call Agent. The secondary_ip_trunk_ca can be used for different purposes. The most common use for this Call Agent, is to route calls to and from the backup server in the event the primary server does not respond. However, this Call Agent can also be used, for example, to route calls directly to and from a Branch Office or route a specific type of call such as international calls. Typical peers for this Call Agent are the head office of the enterprise, an Internet telephony service provider (ITSP) or an IP Multimedia Core Network Subsystem (IMS).




Top

registration_ca Call Agent

The registration_ca Call Agent is used to route the registrations issued by the Registration Agent.

The registration_ca Call Agent should not be used for other purposes. The registrations issued by the Registration Agent must be routed from the registration_ca to the Call Agent facing the destination Sip registrar (typically wan_ip_trunk_ca_ca or secondary_ip_trunk_ca).

The registration is routed using the User Name, Password and Domain to build the AOR and the R-URI . The Contact is the contact header of the registration, it should contain the IP-address or FQDN of the Mediatrix unit.




Top

Signaling and Media Interfaces

The Signaling Interface is used for SIP signaling and the Media Interface is used for media ( RTP, UDPTL ) processing.

When configuring a Call Agent, you must select a Signaling Interface and a Media Interface. These interfaces are used whenever SIP signaling or media packets are sent to or received by the Call Agent.

It is possible to create several Signaling and Media Interfaces on the same Network Interface but for different purposes. For example, one set of Signaling and Media Interfaces for a WAN SIP Trunk and another set of Signaling and Media Interfaces for remote user calls. This means, for instance, that two Signaling Interfaces will be created on the same Network Interface, using the same IP address, but with a port range that will differ according to their intended use and to avoid conflicts.

A Media or Signaling Interface can be used by more than one Call Agent, but a specific Signaling or Media Interface can be created for a specific Call Agent. This provides the liberty to define non conflicting range of contactable interfaces on any physical network interfaces of the units for your network structure needs (such as Vlans, PPPoE interfaces, multiple Ethernet ports or multiple addresses on a link).

The following Signaling and Media Interfaces are supplied by default:
  • lan1_m
  • lan1_s
  • loop_m
  • loop_s
  • uplink_s
  • uplink_m

loop_m and loop_s interfaces are used to communicate with the internal services of the unit. For example, the loop interfaces can be used to communicate with the SipEp service to access phone ports.


Top

Penalty Box

The penalty box feature is enabled for a specific Call Agent to temporarily avoid contacting the peer hosts (addresses) that are expected not to answer.

Without the use of the penalty box, DNS SRV failover is delayed until the SIP transaction times out. In a DNS SRV failover, without the use of the penalty box, the Call Agent will first try to communicate with the peer host on the first server, then once the SIP transaction has timed out, it will try the second and so on, always waiting for the SIP transaction timer to expire. With the penalty box, the call Agent will not try any servers that are already in the penalty box. Remember, dynamic call routing (e.g. survivability) based on server availability requires the penalty box to be enabled.

There are typically three situations that will cause a peer host to be put in the penalty box:
  • If the transaction timer of a communication is expired, the peer host will be considered Down and will be put in the penalty box.
  • If the transaction timer of a keep-alive communication is expired, the peer host will be considered Down and will be put in the penalty box.
  • If after sending a keep-alive request or any other message to a peer host, the Call Agent receives one of the selected error codes, the peer host will be put in the penalty box. It is the error code that will indicate that the peer host cannot be used.
    Note: When configuring the Call Agent it is possible to indicate the error codes that will trigger the peer host to be sent to the penalty box.( SBC/Configuration/Blacklisting Error Codes)

It is possible to configure how much time a peer host will remain in the penalty box, and the delay before which a peer host is considered down. This delay starts after the expiration of the transaction timer. It is also possible to disable the penalty box feature by using the special value 0 as the duration the peer host will remain in the penalty box.


Top

Keep-Alive

The Keep-Alive monitoring parameter allows the unit to periodically send messages to a server to make sure the server can still be reached.

The Keep-Alive parameter is set individually for each Call Agent. SIP options are sent periodically for each Call Agent to their corresponding server. Any response received from the server means that it can be reached. No additional processing is performed on the response. If no response is received after the retransmission timer expires, the Sbc service considers the server as unreachable. In this case, any call attempt through the Call Agent is refused and the peer host will be sent to the Penalty Box. SIP options are still sent when the server cannot be reached and as soon as it can be reached again, new calls are allowed.


Top

Basic SBC Configuration Tasks

Configuring a Call Agent

Steps
  1. Go to SBC/Configuration.
  2. In the Call Agent Configuration table, click Edit located on the row of the Call Agent you wish to configure.
  3. In the Configure Call Agent table, complete the fields as required and make sure the Enable check box is selected.
    Note: Monitoring Parameters are not mandatory.
  4. Complete the fields of the Call Agent Configuration as required.
  5. Click Save.
    Note: The changes are saved, but not all applied to the configuration.
  6. Click Apply to apply all changes to the configuration.
Result
No will be displayed in the Config.Modified field, indicating that the configuration that was modified is now applied to the system. When the Mediatrix unit will use the selected Call Agent for a communication, the selected parameters will be applied.

Top

Creating a Media Interface

Before you begin
A Network Interface must be configured.
Steps
  1. Go to SBC/Configuration.
  2. In the Media Interface Configuration table, click .
    Note: A new line of empty fields is added to the Media Interface Configuration table. An error message will be displayed indicating that the configuration of the row is invalid. This is normal as the Media Interface is not yet configured.
  3. In the Media Interface Configuration table, complete the fields as required.
    Note: The Network Interfaces displayed in the Network column, are created under Network > Interfaces tab.
  4. Click Save.
    Note: The changes are saved, but not all applied to the configuration.
  5. Click Apply to apply all changes to the configuration.
  6. Click restart required services, located at the top of the page.
Result
The Media Interface will be available when configuring a Call Agent, in the Media Interface selection list of the Configure Call Agent page.

Top

Creating a Signaling Interface

Before you begin
A Network Interface must be configured. IPv6 is not supported, therefore Ipv6 configured Network interfaces cannot be used.
Steps
  1. Go to SBC/Configuration.
  2. In the Signaling Interface Configuration table, click .
    Note: A line is added to the Signaling Interface Configuration table. An error message will be displayed indicating that the configuration of the row is invalid. This is normal as the Signaling Interface is not yet configured.
  3. In the Signaling Interface Configuration table, complete the fields as required.
    Note: The Network Interfaces displayed in the Network column, are created under Network > Interfaces page.
  4. Click Save.
    Note: The changes are saved, but not all applied to the configuration.
  5. Click Apply to apply all changes to the configuration.
  6. Click restart required services, located at the top of the page.
Result
The Signaling Interface will be available when configuring a Call Agent, in the Signaling Interface selection list of the Configure Call Agent page.

Top

Configuring the Call Agent Penalty Box

Steps
  1. Go to SBC/Configuration.
  2. Click next to the Call Agent you wish to configure.
  3. In the Configure Call Agent table, set the Keep-Alive field to 30.
  4. Set the Blacklisting Duration to 60.
  5. Click Save.
Result



Top

Setting the Keep-Alive Interval

Steps
  1. Go to SBC/Configuration.
  2. From the Call Agent Configuration table, click next to the Call Agent you wish to configure.
  3. In the Keep-Alive Interval, indicate the interval in seconds for sending SIP options to the Call Agent Peer host.
    Note: 30 seconds is a good compromise between the speed at which errors are detected versus the resources used by the keep-alive signals.
    Note: 0 indicates that the keep-alive feature is disabled.
  4. Click Save.

Top

Rulesets

Basic Ruleset Concepts

Rulesets

Rulesets define one or several rules used to filter, manipulate or route inbound or outbound requests.

There are two types of Rulesets:
  • Call Agent Rulesets: they describe how inbound or outbound requests are handled by a specific Call Agent. They can also implement services or collect data.
  • Routing Rulesets: they are used to globally route outbound requests, i.e. that they apply to all Call Agents.

When a request arrives at a Call Agent from a peer, the inbound rules of the Rulesets associated with the Call Agent are executed. Then, Routing Rulesets are executed until a Call Agent is selected for the destination. Last, the outbound rules of the Rulesets associated with the destination Call Agent are executed before sending the request to the peer.

Inbound rules of the Ruleset are executed in ascending Ruleset priority order. Outbound rules are executed in descending Ruleset priority order.

The Mediatrix unit is fundamentally rule driven. This means that almost all features can be activated based on certain conditions evaluated at run-time, based on parts of the signaling messages or media payload. All rules are constructed using the same pattern. They consist of a set of one or more conditions. If all conditions apply (logical conjunction), a set of one or more actions is executed. It is important to understand that rules are generally applied only on incoming or outbound requests. However, some rules have a scope that goes beyond these incoming or outbound requests. For example, header filters apply to all requests exchanged, including incoming requests.

Call Agents can have two origins:
  • Factory: Read only Ruleset delivered with the application.
  • Custom: User defined Ruleset.
A custom Ruleset has priority over a factory Ruleset. If a custom Ruleset is created with the same name as a factory Ruleset, it is the custom Ruleset that will be shown and used. Once the custom Ruleset is deleted, the factory Ruleset will be reactivated. Cloning, editing and saving a factory Ruleset will create a custom Ruleset without modifying the factory Ruleset.

Call Agent Rulesets have an *.crs extension and Routing Rulesets use the *.rrs extension. For more details on Ruleset conditions and descriptions, refer to the DGW Configuration Guide - Reference Guide document published on the Media5 documentation portal at https://documentation.media5corp.com/

Refer to the DGE Configuration Guide - Ruleset Replacement Expressions also published on the Media5 documentation portal.


Top

Call Agent Rulesets

Name Description
automatic_media_relay Media goes through the SBC except for users in the same network.
drop_common_scanners_in Drop requests from known SIP scanners.
drop_common_scanners_in_v2 Drop requests from known SIP scanners.
drop_register_in Drop all inbound registration requests.
drop_unregistered_users_in Drop inbound requests from unregistered users.
media_relay Force Media to go through the SBC.
rate_limit_invite_per_source_in Limit call attempts per second per source IP address.
rate_limit_invite_per_source_in_v2 Limit call attempts per second per source IP address.
rate_limit_register_per_source_in Limit registration attempts per minute per source IP address.
register_cache_out Create alias in cache for outbound registrations and restore the contact from the cache for inbound requests.
registrar_in Store contact locally and reply to inbound registration requests.
registration_throttling_in Use different expiration for UA and registrar.
reject_unregistered_users_in Reject inbound requests from unregistered users.
remote_users_behind_nat Handle Far-End NAT for registrations and calls.
topology_hiding_out Remove user-agent or server header on outbound requests.
uac_authentication_out Provide authentication credentials for outbound requests.

Top

Routing Rulesets

Name Description
lan_pbx_to_remote_users Route from lan_ip_pbx_ca to remote_users_ca
lan_pbx_to_wan_ip_trunk_failover_to_second Route from lan_ip_pbx_ca to wan_ip_trunk_ca with failover to secondary_ip_trunk_ca
lan_pbx_to_wan_ip_trunk_failover_to_second_dm Route from lan_ip_pbx_cato wan_ip_trunk_ca with failover to secondary_ip_trunk_ca in demarcation setup.
lan_pbx_to_wan_ip_trunk_failover_to_trunk_dm Route from lan_ip_pbx_ca to wan_ip_trunk_ca with failover to trunk_lines_ca in demarcation setup
local_users_to_wan_ip_trunk_failover_to_second Route from local_users_ca to wan_ip_trunk_ca with failover to secondary_ip_trunk_ca.
registration_to_wan_ip_trunk_failover_to_second Route from registration_ca to wan_ip_trunk_ca with failover to secondary_ip_trunk_ca
registration_to_wan_ip_trunk Route from registration_ca to wan_ip_trunk_ca
remote_users_to_lan_pbx Route from remote_users_ca to lan_ip_pbx_ca
secondary_ip_trunk_to_lan_pbx Route from secondary_ip_trunk_ca to lan_ip_pbx_ca
secondary_ip_trunk_to_lan_pbx_2 Route from secondary_ip_trunk_ca to lan_ip_pbx_ca
trunk_lines_to_local_pbx_dm Route from trunk_lines_ca to lan_ip_pbx_ca in demarcation setup
wan_ip_trunk_to_lan_pbx Route from wan_ip_trunk_ca to lan_ip_pbx_ca
wan_ip_trunk_to_lan_pbx_v2 Route from wan_ip_trunk_ca to lan_ip_pbx_ca

Top

Ruleset Replacement Expressions

Ruleset replacement expressions are used when the value of a parameter, a command or an action is not known in advance, i.e. the value depends on the result of the SIP message processing.

A Ruleset replacement expression is a string that represents a SIP processing status. Replacement expressions always start with the dollar (“$”) sign followed by an identifier. When the Ruleset uses a replacement expression, the replacement expression is replaced by the value of the SIP processing status representing the replacement expression.

For example,
  • $aU uses the User part of the P-Asserted-Identity header
  • $th uses the Host part of the To header
  • sip:$aU@$th, used as the parameter of the Set R-URI action, uses the P-Asserted-Identity and To headers of the incoming request and puts them into the Request URI of the outgoing request.
Note: Special characters should be backslash-escaped, for example, as follows: \ → \\ or $ → \$
Note: It is important to know that if a mediation action (Section SIP Mediation) changes the content of a SIP message, the replacement expression will refer to the value after modification. E.g., if you apply the rule action “SetFrom(sip:new@from.com)”, $fu will return new@from.com!

Top

Ruleset Replacement Expression Exhaustive List

Macro Replacements Description
$r $r. request-URI; note that the expression refers to current request URI which may be changed during the course of request processing
$ru user@host[:port] part of request URI
$rU R-URI User
$rd R-URI Domain (host:port)
$rh R-URI Host
$rp R-URI Port
$rP R-URI Parameters
$f $f. From header
$fu user@host[:port] part of From URI
$fU From User
$fd From Domain (host:port)
$fh From Host
$fp From Port
$fn From Display name
$fP From Parameters
$ft From Tag
$fH From header Headers
$t $t. To header
$tu user@host[:port] part of To URI
$tU To User
$td To Domain (host:port)
$th To Host
$tp To Port
$tn To Display name
$tP To Parameters
$tt To Tag
$tH To header Headers
$a $a. P-Asserted-Identity header
$au user@host[:port] part of P-Asserted-Identity URI
$aU P-Asserted-Identity User
$ad P-Asserted-Identity Domain (host:port)
$ah P-Asserted-Identity Host
$ap P-Asserted-Identity Port
$aP P-Asserted-Identity Parameters
$at P-Asserted-Identity Tag
$aH P-Asserted-Identity Headers
$p $p. P-Preferred-Identity header
$pu user@host[:port] part of P-Preferred-Identity URI
$pU P-Preferred-Identity User
$pd P-Preferred-Identity Domain (host:port)
$ph P-Preferred-Identity Host
$pp P-Preferred-Identity Port
$pP P-Preferred-Identity Parameters
$pt P-Preferred-Identity Tag
$pH P-Preferred-Identity Headers
$c $ci Call-ID
$s $si Source (remote) IP address
$sp Source (remote) port number
$d $di expected destination host
$dp expected destination port
$R $Ri Destination (local/received) IP address
$Rp Destination (local/received) port number
$Rf local/received interface id (0=default)
$Rn local/received interface name (SBC interface name)
$RI local/received interface public IP
$H $H(headername) value of header with the name headername (Note: not all headers are available here)
$HU(headername) header headername (as URI) User
$Hd(headername) header headername (as URI) domain (host:port)
$Hu(headername) header headername (as URI) URI
$Hd(headername) header headername (as URI) domain (host:port)
$Hh(headername) header headername (as URI) host
$Hp(headername) header headername (as URI) port
$Hn(headername) header headername (as URI) display name
$Hp(headername) header headername (as URI) parameters
$HH(headername) header headername (as URI) headers
$m $m request method
$V $V(gui.varname) value of Call Variable varname
$B $B(cnum.rnum) value of backreference with rnum number from the condition with cnum number
$U $Ua register cache: originating AoR
$UA register cache: originating alias
$_ $_u(value) value to uppercase
$_l(value) value to lowercase
$_s(value) length of value (size)
$_5(value) MD5 of value
$_r(value) random number 0..value, e.g. $_r(5) gives 0, 1, 2, 3 or 4
$# $#(value) value URL-encoded

Top

Basic Ruleset Tasks

Creating a New Ruleset

Context
This procedure applies to Call Agent and Routing Rulesets.
Note: To save time, consider Cloning a Ruleset.
Steps
  1. Go to SBC/Rulesets.
  2. In the Rulesets page, enter a name in the empty field of either the Call Agent Rulesets or Routing Rulesets table.
  3. Click .
    Note: The name of the Ruleset will be added at the end of the table.
  4. In the Rulesets page, click located on the row of the Ruleset you have just created.
  5. In the Ruleset Edit page, in either the Outbound Rules or Inbound Rules, click Insert new rule.
  6. In the Conditions and Actions section, complete the fields as required.
    Note: For more details on Actions and Conditions, refer to the DGW Configuration Guide - Reference Guide document published on the Media5 documentation portal at https://documentation.media5corp.com/ .
  7. If necessary, click Add condition to add another condition.
  8. If necessary, click Add to add another action.
  9. Click Save.
    Note: The new rule is saved but the modified configuration is not yet applied to the system.
    Note: Rules are executed from top to bottom. Consider Changing the Execution Priority Level of a Ruleset Rule.
  10. Go to SBC / Configuration.
  11. Click Apply.
    Note: The modified configuration is applied to the system.
Result
The new Ruleset is available to be associated with a Call Agent.

Top

Cloning a Ruleset

Context
This procedure applies to Call Agent and Routing Rulesets
Steps
  1. Go to SBC/Rulesets.
  2. In the Rulesets page, click next to the Ruleset you wish to clone.
  3. Click OK.
    Note: The cloned Ruleset will be added at the end of the table. The name of the cloned Ruleset will include a numerical suffix to distinguish it from the original Ruleset.
  4. In the Rulesets page, click located on the row of the Ruleset you have just cloned.
  5. Click Edit next to the rules you wish to modify.
  6. In the Conditions and Actions section, modify the fields as required.
    Note: For more details on Actions and Conditions, refer to the Reference Guide published on the Media5 documentation portal.
  7. If necessary, click Add condition to add another condition.
  8. If necessary, click Add to add another action.
  9. Click Save.
  10. Click Change Name /description to change the name and the description of the Ruleset.
  11. Click Save.
    Note: The new cloned rule is saved but the modified configuration is not yet applied to the system.
    Note: Rules are executed from top to bottom. Consider Changing the Execution Priority Level of a Ruleset Rule.
  12. Go to SBC > Configuration.
  13. Click Apply.
    Note: The modified configuration is now applied to the system.
Result
The new Ruleset is available to be associated with a Call Agent.

Top

Modifying a Ruleset

Context
This procedure applies to Call Agent and Routing Rulesets
Steps
  1. Go to SBC/Rulesets.
  2. In the Rulesets page, click located on the row of the Ruleset you wish to modify.
  3. In the Ruleset Edit page, click Edit located on the row of the rule you wish to modify.
  4. In the Conditions and Actions section, modify the fields as required.
    Note: For more details on Actions and Conditions, refer to the DGW Configuration Guide - Reference Guide published on the Medai5 documentation portal at https://documentation.media5corp.com/.
  5. If necessary, click Add condition to add another condition.
  6. If necessary, click Add to add another action.
  7. Click Save.
    Note: The modified rule is saved but the modified configuration is not yet applied to the system.
    Note: Rules are executed from top to bottom. Consider Changing the Execution Priority Level of a Ruleset Rule.
  8. Go to SBC/Configuration.
  9. Click Apply.
    Note: The modified configuration is now applied to the system.
Result
The Ruleset will be applied with the new changes.

Top

Adding Rules to a Ruleset

Context
This procedure applies to Call Agent and Routing Rulesets
Steps
  1. Go to SBC/Rulesets.
  2. In the Rulesets page, click located on the row of the Ruleset for which you wish to add a rule.
  3. In the Ruleset Edit page,
    • click Insert new rule to add a rule at the top of the list of rules
    • click Append new rule to add a rule at the bottom of the list of rules.
  4. In the Conditions and Actions sections, complete the fields as required.
    Note: For more details on Actions and Conditions, refer to the DGW Configuration Guide - Reference Guide document published on the Media5 documentation portal at https://documentation.media5corp.com/.
  5. If necessary, click Add condition to add another condition.
  6. If necessary, click Add to add another action.
  7. Click Save.
    Note: The new rule is added to the Ruleset and saved, but the modified configuration is not yet applied to the system.
  8. Go to SBC/Configuration.
  9. Click Apply.
    Note: The modified configuration is now applied to the system.
Result
The rule will be executed the next time the Ruleset is used.

Top

Changing the Name and Description of a Ruleset

Context
This procedure applies to Call Agent and Routing Rulesets.
Steps
  1. Go to SBC/Rulesets.
  2. In the Rulesets page, click located on the row of the Ruleset you wish to modify.
  3. In the Ruleset Edit page, click Change Name /description located next to the name of the Ruleset.
  4. In the Ruleset Change Name/Description page, modify the fields as required.
  5. Click Save.
    Note: The new name is saved but the modified configuration is not yet applied to the system.
  6. Go to SBC > Configuration.
  7. Click Apply.
    Note: The modified configuration is now applied to the system.
Result
If you change de name of the Ruleset, you will need to re-associate the Ruleset to the Call Agent it is associated with otherwise, the configuration will be considered invalid.

Top

Deleting a Ruleset

Context
This procedure applies to Call Agent and Routing Rulesets.
Steps
  1. Go to SBC/Rulesets.
  2. In the Rulesets page, click next to the Ruleset you wish to delete.
  3. Click OK.
  4. Go to SBCConfiguration.
  5. Click Apply.
    Note: The modified configuration is now applied to the system.
Result
The Ruleset will no longer be available in the Rulesets page to be associated with a Ruleset. If the Ruleset was associated with a Call Agent, it will need to be removed manually from the list of Rulesets associated with the Call Agent otherwise, the configuration will be considered invalid.

Top

Changing the Execution Priority Level of a Call Agent Ruleset

Steps
  1. Go to SBC/Configuration.
  2. In the Call Agent Configuration table, click next to the Call Agent for which you wish to modify the Ruleset priority level.
  3. Use the arrows of the Call Agent Rulesets table to move a Ruleset up or down.
  4. Click Save.
    The changes will be applied to the configuration, but the modified configuration is not yet applied to the system.
  5. Click Apply to apply the modified configuration to the system.
Result
Inbound rules of the Ruleset will be executed in ascending Ruleset priority order but Outbound rules will be executed in descending Ruleset priority order.

Top

Changing the Execution Priority Level of a Routing Ruleset

Steps
  1. Go to SBC/Configuration.
  2. Use the arrows of the Routing Rulesets table to move a Ruleset up or down.
  3. Click Save.
    Note: The changes will be applied to the configuration, but the modified configuration is not yet applied to the system.
  4. Click Apply to apply the modified configuration to the system.
Result
Inbound rules of the Ruleset will be executed in ascending Ruleset priority order but Outbound rules will be executed in descending Ruleset priority order.

Top

Changing the Execution Priority Level of a Ruleset Rule

Context
This procedure applies to Call Agent and Routing Rulesets.
Steps
  1. Go to SBC/Rulesets.
  2. Click next to the Ruleset for which you wish to change the priority level of rules.
  3. Use the Up and Down buttons to move the rules.
  4. Go to SBCConfiguration.
  5. Click Apply.
    Note: The changes are saved to the configuration and the modified configuration is now applied to the system.
Result
Inbound rules of the Ruleset are executed in ascending Ruleset priority order but Outbound rules are executed in descending Ruleset priority order.

Top

Changing the Execution Priority Level of a Rule Action

Context
This procedure applies to Call Agent and Routing Rulesets
Steps
  1. Go to SBC/Rulesets.
  2. Click next to the Ruleset for which you wish to change the priority level of rule actions.
  3. Click Edit next to the rule for which you wish to change the actions order.
  4. Click or to move actions.
  5. Click Save.
    Note: The new priority level is saved but the modified configuration is not yet applied to the system.
  6. Go to SBC/Configuration.
  7. Click Apply.
    Note: The modified configuration is now applied to the system.
Result
When the Ruleset is used, the actions of a rule are always executed in the ascending priority order.

Top

Changing the Execution Priority Level of a Rule Condition

Context
This procedure applies to Call Agent and Routing Rulesets
Steps
  1. Go to SBC/Rulesets.
  2. Click next to the Ruleset for which you wish to change the priority level of rule conditions.
  3. Click Edit next to the rule for which you wish to change the conditions order.
  4. Click or to move conditions.
  5. Click Save.
    Note: The new priority level is saved but the modified configuration is not yet applied to the system.
  6. Go to SBC/Configuration.
  7. Click Apply.
    Note: The modified configuration is now applied to the system.
Result
When the Ruleset is used, the conditions of the rule are always executed in the ascending priority order.

Top

Importing Rulesets

Before you begin
Rulesets must be imported. The latest Ruleset package can be found on the https://media5.secure.force.com/supportportal (you will be required to supply a user name and password).
Context
This procedure is valid for Call Agent and Routing Rulesets.
Steps
  1. Go to Management/File.
    Note: Required Rulesets depend on the scenario being configured. Refer to the Call Agent and Routing Ruleset sections of the configuration notes for details on Rulesets needed to complete the configuration.
    Note: Step 2 is only required when importing the first Ruleset and if you are not using a secure connexion to access the Management Interface (http://).
  2. Click Activate unsecure file importation from the Web browser.
  3. From the Path field, select sbc/rulesets/.
  4. Click Browse, and navigate to the Ruleset you wish to import.
    Note: Ruleset file extension must be *.crs for Call Agent Rulesets or *.rrs for Routing Rulesets.
  5. Click Import.
Result
The imported Ruleset will appear in the Internal files table, with the selected path in front of the name. The Ruleset will be available in the tables of the SBC/Rulesets page.


Top

Associating Call Agent Rulesets to a Call Agent

Before you begin
Steps
  1. Go to SBC/Configuration.
    Note: Refer to the Call Agents section to identify which Rulesets are associated with the Call Agents used in this Use Case.
  2. From the Call Agent Configuration table, click located on the same row as the Call Agent to which you wish to associate a Ruleset.
  3. In the Call Agent Rulesets table, click .
  4. From the Name selection list, select a Ruleset.
  5. To add other Rulesets, click .
  6. Click Save.
  7. In the Configure Call Agent page, click Save.
  8. Click Apply to apply all changes to the configuration.
Result



Top

Associating Routing Rulesets to Your Configuration

Before you begin
Importing Rulesets must be completed for Routing Rulesets to be available.
Steps
  1. Go to SBC/Configuration
  2. In the Routing Rulesets table click to add the first route.
  3. From the Name selection list, select the Routing Ruleset you wish to apply to the configuration.
    Note: Refer to the Routing Rulesets section to identify the Rulesets that apply to this Use Case.
  4. Repeat steps 2 and 3 for each Routing Ruleset you wish to associate to your configuration.
  5. If necessary, in the Parameters field enter the required parameters for each route.
  6. Click Save.
  7. Click Apply to apply all changes to the configuration.
Result



Top

Registration

Basic SBC Registation Concepts

Registration Agent

The Registration Agent is a feature that performs REGISTERs on behalf of other users.

In some use cases, using the Registration Agent may be necessary to have a separate entity perform the REGISTERs on behalf of users. For example:
  • When users cannot register themselves.
  • To separate internal and external networks in Demarcation Point scenarios
The Registration Agent is only involved with the registrations it initiates. If the Registration Agent is used, its REGISTERs are routed to the Mediatrix unit via the registration_ca Call Agent.

Top

Registration Caching

Registration processing allows maintaining an endpoint reachable even from behind NATs.

When a call is routed by a Ruleset that includes the REGISTER throttling and Enable REGISTER caching actions, the SBC replaces the information of the Contact header with its own IP address before forwarding the call to an endpoint. Because a private IP address is used as the contact address in the Contact header field of the REGISTER messages, it becomes impossible to reach the user from the public Internet without going through the SBC since the contact's address is private.

The manipulated registration information is then registered in the registrar. When a Call is destined to the user, the call will be directed to the SBC. In order for the SBC to know which user is actually being contacted, the SBC keeps a local copy of the user's registration. The local copy includes the private IP address and the user’s SIP URI as well as the public IP address included in the IP header that was assigned to the SIP message by the NAT.

If periodic request-response traffic does not cross the NAT behind which the user is located, the NAT address binding expires and the user becomes unreachable. Therefore, the SBC forces re-registration to keep NAT bindings alive.


Top

Registration Throttling

Registration throttling protects SIP infrastructures against registration overloads.

Although registration overloads are often self-inflicted by the keep-alive functionality, it may also be caused by a router outage, broken client or Denial of Service attack. The SBC fends off such overloads by using high-performance in-memory registration cache that serves upstream registrations at high-rate, handles them locally, and propagates them down-stream at substantially reduced rate. That’s the case if the registrations were to create new bindings, deleting existing ones or if they were to expire downstream. The propagated registration changes become effective on the SBC only if confirmed by the downstream server. If a registration expires without being refreshed the SBC issues a warning event.


Top

Registration Cache Clearing

Clearing the registration cache will remove all inaccurate information that could remain if an equipment connecting to the SBC is restarted with new information such as a new IP address.

When the registration cache is cleared, all equipments connecting to the SBC need to re-register themselves before being able to receive SIP requests because without re-registration the SBC will not have the private contact address to know where to route the SIP.


Top

Basic SBC Registration Tasks

Configuring a Registration Agent

Configure the registration agent used to issue the registrations.

Steps
  1. Go to SBC/Registration.
  2. In the Registration Agent Configuration table, click .
    Note: A new line of fields is added.
  3. Complete the User Name, Friendly Name, and Domain parameters fields according to the service provider's requirements.
  4. In the Contact field, enter credentials to register against the service provider.
    Note: Format must be sip:user@public_IP Address or sip:public_IP Address or sips:user@public_IP_Address:sip listening port;uri-parameters of the unit.
  5. If necessary, repeat step 2 to step 4 if you are using more than one service provider.
  6. Click Apply.
Result

Top

Finding a Specific AoR in the Registration Cache

Steps
  1. Go to SBC/Registration
  2. In the Filter table, enter the AoR.
  3. Click Search.
Result
The Registration Cache table only displays the registration(s) related to the selected AoR.

Top

Clearing the Registration Cache

Steps
  1. Go to SBC/Registration.
  2. Click Clear Registration Cache located under the Registration Cache table.
Result
All entries of the Registration Cache table will be erased and Registration Throttling will restart from scratch. The next REGISTERs will be immediately relayed to their destinations on their first occurrence.

Top

SBC Advanced Parameters

SBC/Configuration Parameters

Although the services can be configured in great part in the web browser, some aspects of the configuration can only be completed with the MIB parameters by :
  • using a MIB browser
  • using the CLI
  • creating a configuration script containing the configuration parameters
For more details on the following parameters ,refer to the DGW Configuration Guide - Reference Guide published on the Media5 documentation portal at https://documentation.media5corp.com/

Tcp Connect Timeout

Refer to Sbc.SignalingInterface.TcpConnectTimeout .

Tcp Idle Timeout

Refer to Sbc.SignalingInterface.TcpIdleTimeout.

Registration Expiration

Refer to Sbc.RegistrationAgent.ExpireValue.

Registration Expiration

Refer to Sbc.RegistrationAgent.RetryInterval.

Min Severity

Refer to Sbc.MinSeverity.

Top

SBC/Status Parameters

Although the services can be configured in great part in the web browser, some aspects of the configuration can only be completed with the MIB parameters by:
  • using a MIB browser
  • using the CLI
  • creating a configuration script containing the configuration variables
Fro more details on the following parameters, refer to the DGW Configuration Guide - Reference Guide document published on the Media5 documentation portal at https://documentation.media5corp.com/

Tcp Connect Timeout

Refer to Sbc.SignalingInterfaceStatus.TcpConnectTimeout.

Tcp Idle Timeout

Refer to Sbc.SignalingInterfaceStatus.TcpIdleTimeout

Need Restart Info

Refer to Sbc.NeedRestartInfo.

Top

POTS

Basic Concepts

Caller ID Information

The caller ID is a generic name for the service provided by telephone utilities that supply information such as the telephone number or the name of the calling party to the called subscriber at the start of a call.

In typical caller ID systems, the coded calling number information is sent from the central exchange to the called telephone. This information can be shown on a display of the subscriber telephone set. In this case, the caller ID information is usually displayed before the subscriber decides to answer the incoming call. If the line is connected to a computer, caller information can be used to search in databases and additional services can be offered.

In call waiting, the caller ID service supplies information about a second incoming caller to a subscriber already busy with a phone call. However, caller ID on call waiting is not supported by all caller ID-capable telephone displays.

The following basic caller ID features are supported:

  • Date and Time
  • Calling Line Identity
  • Calling Party Name
  • Visual Indicator (MWI)

Top

Caller ID Generation

Caller ID information is sent depending on the application and country-specific requirements: Caller ID generation using DTMF signalling and Caller ID generation using Frequency Shift Keying (FSK)

Note: The DGW Application does not support ASCII special characters higher than 127.
Caller ID generation can be done by:
  • DTMF signalling performed during or before ringing, depending on the country settings or endpoint configuration. The Mediatrix unit provides the calling line identity according to the following standards:
    • Europe: ETSI 300 659-1 January 2001 (Annex B):
      • Access and Terminals (AT)
      • Analogue access to the Public Switched Telephone Network (PSTN)
      • Subscriber line protocol over the local loop for display (and related) services
      • Part 1: On-hook data transmission
    • Country-specific custom DTMF variations:
      • Telebras DTMF (Brasil and Argentina)
      • TDK DTMF (Denmark)
  • Frequency Shift Keying (FSK). Different countries use different standards to send caller ID information. The Mediatrix unit is compatible with the following widely used standards:
    • ETSI 300 659-1
  • Continuous phase binary FSK modulation is used for coding that is compatible with:
    • BELL 202
    • ITU-T V.23
Note: The displayed caller ID for all countries may be up to 20 digits for numbers and 50 digits for names. The DGW application does not support ASCII special characters higher than 127.

Top

Caller ID Transmission

For most countries, the caller ID is transmitted after the first ring.

One notable exception is the UK, where Caller ID is sent after the dual tone alerting state tone on an inverted polarity line.

Other modes of transmission can be configured with the Caller ID Transmission parameter (under POTS/Config/General Configuration).


Top

Flash Hook

Flash hook can be described as quickly depressing and releasing the plunger or the actual handset-cradle to create a signal indicating a change in the current telephone session.

The flash hook is used to trigger:
  • call waiting
  • second call
  • call on hold
  • conferences
A flash hook is detected when the hook switch is pressed for a shorter time than would be required to be interpreted as a hang-up. Using the flash button that is present on many standard telephone handsets can also trigger a flash hook.
Note: As a best practice, the Flash button should be used to avoid terminating the call by accidentally pushing the plunger for too long.

Top

Country Override Flash Hook Detection Range

This is the range in which the hook switch must remain pressed to perform a flash hook.

When selecting a country (under Telephony/Misc/Country Selection), each country has a default minimum and maximum time value within which pressing and releasing the plunger is actually considered a flash hook. However, these values can be overridden and customised with the Country Override Flash Hook Detection Range (under POTS/FXS Configuration/Country Customisation).

The range consists of :
  • The minimal delay and maximal delay, in ms, separated by a “-”.
  • The minimal value allowed is 10 ms.
  • The maximum value allowed is 1200 ms.
  • The space character is not allowed.

Top

FXO Force End-of-Call

The forced end-of-call service regroups all features permitting the unit to terminate a call. This can be required in a telephony network where the FXO loop current drops are not always detected.

The call termination can be triggered in three cases:
  • On call failure: This feature is set by setting the Force End of Call On Call Failure parameter to Enable. When a call failure happens, the call is terminated after the timeout configured with the Call Failure Timeout (sec) parameter has elapsed and an error tone is played.
  • On silence detection: A call is ended when silence is detected for a delay higher than the value configured by in the Silence Detection Timeout (sec) parameter (Refer to the FXO Silence Detection). The mode is set with the Force End Of Call On Silence Detection Mode parameter.
  • On tone detection: A call is ended when a selected tone is detected. The tone for this purpose depends on the detection mode specified by the Force End Of Call On Tone Detection Mode parameter which can be country specific (not available in all countries) or a custom tone. (Refer to FXO Tone Detection).

All previously mentioned parameters are available under POTS/FXO Configuration/ FXO Force End of Call.


Top

FXO Silence Detection

Silence detection allows the Mediatrix unit to close a line when no voice activity or silence is detected for a specified amount of time.

When silence is detected on the inbound and/or outbound media for an amount of time specified in the Force End Of Call On Silence Detection Mode parameter (under POTS/FXO Configuration/FXO Force End of Call), the call is terminated. This feature is useful to free resources in the event of an IP network failure that prevents the end of a call to be detected or when the end of call tone was not detected.
Note: The silence detection feature could inadvertently disconnect a communication when one party puts the other on hold more than 5 minutes (default value timeout). Using the hold tone feature prevents the detection of silence when the call is put on hold by the IP peer. Refer to the DGW Configuration Guide - Tone Customisation document published on the Media5 documentation portal at https://documentation.media5corp.com/.
The current implementation of silence detection relies on the power of the media signal. A silence is detected if the power level of the media signal is lower than -60 dBm. This feature forcefully terminates a call that stayed silent for some time.

Top

FXO Tone Detection

The FXO Tone Detection feature is used to resolve scenarios in which the far-end disconnection tone cannot be detected.

For a custom tone, the following parameters can be configured:
  • Tone Detection Custom Frequency
  • Tone Detection Custom Cadence
  • Detection Custom Repetition
which are all located under POTS/FXO Configuration/FXO Force End of Call.
If a custom tone is defined, the ring pattern can have up to four on/off pairs in the format of on1,off1,on2,off2,on3,off3,on4,off4 where:
  • on is a numerical value representing the time, in milliseconds, during which the tone can be detected
  • off is a numerical value representing the time, in milliseconds, during which the tone cannot be detected
  • the on and off values can range from 0 to 32,767 ms.
  • Specifying more than 4 pairs will only use the first 4 pairs (eight first values).
  • If less than 4 pairs are specified, 0 values will be added as necessary.
  • The first zero (0) found in the string signals the end of the cadence (i.e. “200, 0, 300, 400” is the same as “200”).
  • If it starts with a value of zero (0) , the ring pattern is invalid.
In some cases, the detection of a tone with a complex cadence containing multiple frequencies is required, such as for the special information tone (SIT). However, since the detection of only one custom frequency can be configured in DGW, the custom frequency used to detect the complex cadence will need to be one of the frequencies found in the tone.

Top

FXS Country Override Loop Current

When a remote end-user goes on-hook, the Mediatrix unit signals the far end disconnect by performing a current loop drop (< 1 mA) on the analog line.

This current loop drop is typically used for disconnect supervision on analog lines. If the Line Supervision Mode parameter (under POTS/FXS Configuration) is set to DropOnDisconnect then the Mediatrix unit signals the far end disconnect by performing a current loop drop on the analog line. By default, the Mediatrix unit maintains a current drop for 1000 ms,, then a busy tone is generated to indicate the user to hang up. The current loop drop duration can be configured with the Power Drop on Disconnect Duration parameter (under POTS/FXS Configuration). (For more details, refer to the FXS Line Supervision Mode parameter in the DGW Configuration Guide - Reference guide published on the Media5 documentation portal at https://documentation.media5corp.com/).

When an FXS analog line goes off hook, it causes current to flow by closing the loop. The Country Selection parameter (Telephony/Misc/Country) allows the selection of predefined country settings for the tone profiles, ring patterns, and other parameters such as input and output gains. The value of the loop current for each country is by default 30 mA but can be overridden to a value ranging from 20 mA to 32 mA with the Country Override Loop Current parameter (under POTS/FXS Configuration/Country Customisation) provided the Override Country Configuration parameter is enabled (under POTS/FXS Configuration/Country Customisation).

Note: The actual measured current may be different from the one set, as it varies depending on the DC impedance. The default value is 30 mA. When a value higher than 32 mA is used, the unit will limit the current to 32 mA.

Top

Basic FXS Tasks

Selecting the Detection/Generation Method of the Caller ID

Steps
  1. Go to POTS/Config.
  2. In the General Configuration table, complete the fields are required.
  3. Click Apply.

Top

Configuring FXS Parameters

Steps
  1. Go to POTS/FXS Configuration.
  2. In the FXS Configuration table, complete the fields as required.
  3. Click Apply.
Result



Top

Overriding FXS Default Country Parameters

Steps
  1. Go to POTS/FXS Configuration.
  2. In the Country Customisation table, complete the fields as required.
  3. Click Apply.
Result



Top

Basic FXO Tasks

Configuring FXO Dialing Parameters

Steps
  1. Go to POTS/FXO Configuration.
  2. In the FXO Dialing Configuration table, complete the fields as required.
  3. Click Apply.
Result



Top

Configuring FXO Answering Configuration

Steps
  1. Go to POTS/FXO Configuration.
  2. In the FXO Answering Configuration table, for each endpoint, complete the fields as required.
    Note: Available endpoints vary depending on the configuration of the unit,
  3. Click Apply.
Result



Top

Configuring the FXO Incoming Call Behavior

Steps
  1. Go to POTS/FXO Configuration.
  2. In the FXO Incoming Call Behavior table, for each endpoint, complete the fields as required.
    Note: Available endpoints vary depending on the configuration of the unit,
  3. Click Apply.
Result
For example


Top

Configuring FXO Line Verification

Steps
  1. Go to POTS/FXO Configuration.
  2. In the FXO Line Verification table, for each endpoint, complete the fields as required.
  3. Click Apply.
Result
For example


Top

Configuring FXO Force End of Call

Steps
  1. Go to POTS/FXO Configuration.
  2. In the FXO Force End of Call table, complete the fields as required.
  3. Click Apply.
Result
For example


Top

Configuring the Dial Tone Detection

Context
It allows the Mediatrix unit to wait for a dial tone before initiating the dialing sequence. If no dial tone is detected, the line is considered busy.
Steps
  1. Go to POTS/FXO Configuration.
  2. In the FXO Dialing Configuration table, from the Dial Tone Detection Mode drop box, select CountryTone.
    Note: Not all PBX manufacturers produce the country dial tone on the extension line. If this is the case, make sure the Dial Tone Detection Mode is disabled, otherwise the Mediatrix unit will not output dialed digits.
    Note: Not all PSTN switches produce the country dial tone on the PSTN line. If this is the case, make sure the Dial Tone Detection Mode is disabled, otherwise the Mediatrix unit will not output dialed digits.
  3. Click Apply.
Result



Top

Configuring the Answering Delay

Steps
  1. Go to POTS/FXO Configuration.
  2. In the FXO Answering Configuration table, complete the fields as required.
    Note: If the PBX does not pass the caller ID to the Mediatrix unit, you can reduce the Wait Before Answering Delay to 2500 to reduce the time before the Mediatrix unit goes off-hook upon ring detection.
  3. Click Apply.

Top

Configuring the Far End Disconnect Parameters

Context

Steps
  1. Go to POTS/FXO Configuration.
  2. In the FXO Force End of Call table, from the Force End Of Call On Tone Detection Mode drop box, select Custom Tone.
  3. Set the Tone Detection Custom Frequency field to 350.
    Note: Verify with your PBX supplier what tone (exact frequency and cadence) the PBX produces on the extension when the far end is disconnected.
  4. Complete the other fields as required.
  5. Click Apply.
Result



Top

Disabling Dial Tone Detection

Context
Disabling dial tone detection allows the Mediatrix unit to wait for a dial tone before initiating the dialing sequence. If no dial tone is detected or correctly recognised, the line is considered busy.
Steps
  1. Go to POTS/FXO Configuration.
  2. In the FXO Dialing Configuration table, from the Dial Tone Detection Mode dropbox, select Disable.
  3. Click Apply.
Result



Top

Advanced POTS Parameters

Although the services can be configured in great part in the Web browser, some aspects of the configuration can only be completed with the configuration parameters by :
  • using a MIB browser
  • using the CLI
  • creating a configuration script containing the configuration parameters
For more details, refer to the DGW Configuration Guide - Reference Guide published on the Media5 documentation portal at https://documentation.media5corp.com/.

For FXS

  • specify the Calling Party Name of the caller ID (CLIP) : Pots.FxsCallerIdPrivateCallingPartyName
  • to override a set of services that are activated during an emergency call: Pots.FxsEmergencyCallOverride
  • To set the period before the phone starts to ring in the event where the originator of an emergency call hangs-up before the emergency call center disconnects the call: Pots.FxsEmergencyRingTimeout
  • To customise a distinctive ringID: Pots.FxsDistinctiveRingId
  • To customise a distinctive ring pattern: Pots.FxsDistinctivePattern

For FXO

  • To override the FXO Custom Basic Parameters: Pots.FxoCustomBasicParameters.OverrideDefaultCountryParameters and Pots.FxoCustomBasicParameters.Impedance

Top

FXS Distinctive Ring

The FXS endpoints support four distinctive ringing for basic incoming calls.

To use the distinctive ringing with the Mediatrix unit, the received SIP INVITE message must contain the Alert-Info header field with the proper Call Property value.

The following is an example of an Alert-Info via SIP INVITE:

The custom distinctive ring configuration allows the administrator to modify the ring pattern. These parameters can only be configured by the CLI or SNMP. Refer to the Advanced POTS Parameters . section.

The ring pattern can have up to three on/off pairs in the format of on1,off1,on2,off2,on3,off3 where:
  • on is a numerical value representing the time, in milliseconds, during which ring tone will be active on the phone.
  • off is a numerical values representing the time, in milliseconds, during which the phone will not ring.

For instance, 2000, 1000, 2000, 0 or 2000, 1000, 2000 is a cadence in which the frequency plays for 2 seconds, stops for 1 second, and plays for 2 more seconds.

Typically the ring pattern follows these rules:
  • It can have up three pairs of “on,off”. If less than 3 pairs are specified, 0 values will be added as necessary. Specifying more than six will only use the six first values.
  • If it starts with a value of zero (0) , the ring pattern is invalid.
  • The first zero (0) found in the string signals the end of the cadence (i.e. “200, 0, 300” is the same as “200”).

Top

Examples of FXO Tone Detection

Configuring the Detection of an 8 second 425 Hz Continuous Tone

Steps
  1. Go to POTS/FXO Configuration.
  2. In the FXO Force End of Call table, from the Force End Of Call On Tone Detection Mode selection list, choose Custom Tone.
  3. In the Tone Detection Custom Frequency field, enter 425.
  4. In the Tone Detection Custom Cadence field, insert 8000,0 or 8000.
  5. Click Apply.
Result
When a 425 Hz tone is played for 8 seconds, it will be detected.


Top

Configuring an On/Off British Reorder Tone

Steps
  1. Go to POTS/FXO Configuration.
  2. In the FXO Force End of Call table, from the Force End Of Call On Tone Detection Mode selection list, choose Custom Tone.
  3. In the Tone Detection Custom Frequency field, enter 400.
  4. In the Tone Detection Custom Cadence field, enter 400, 350, 225, 525 .
  5. Click Apply.
Result
When a 400 Hz tone is played with a cadence of 0.4 seconds on, 0.35 seconds off, 0.225 seconds on, 0.525 seconds off, the tone will be detected.


Top

Configuring the Detection of the Special Information Tone (SIT)

Steps
  1. Go to POTS/FXO Configuration.
  2. In the FXO Force End of Call table, from the Force End Of Call On Tone Detection Mode selection list, choose Custom Tone.
  3. In the Tone Detection Custom Frequency field, enter 950.
  4. In the Tone Detection Custom Cadence field, enter 330,660 .
  5. Click Apply.
Result
When a SIT tone is played with a cadence of 950Hz/330ms, 1440Hz/330ms, 1800Hz/330ms, 950Hz/330ms, 1440Hz/330ms, 1800Hz/330ms etc. the tone will be detected.


Top

Cascade for Incoming Calls

A corporate PBX uses two VoIP gateways for inbound and outbound communication through a VoIP provider.

  • Two Mediatrix devices connected to a SIP Trunk

For example: Cascade for incoming calls:



For example: Cascade for outgoing calls



Note: When all channels of the primary Mediatrix unit are in use and there is a new incoming SIP call, by default, a Busy SIP message will be sent to the IP-PBX. If the analog/digital link is down, an error message will be sent. In both cases, the new incoming call will fail.

Top

Cascade for Outgoing Calls

Corporate IP-PBX uses two VoIP gateways for inbound and outbound communication through the PSTN

  • Two Mediatrix units in the LAN

For example:



Note: When all channels of the primary Mediatrix unit are in use and there is a new incoming SIP call, by default, a Busy SIP message will be sent to the IP-PBX. If the analog/digital link is down, an error message will be sent. In both cases, the new incoming call will fail.

Top

ISDN

Cabling Information

ISDN Reference Points

ISDN specifies a number of reference points that define logical interfaces between the various equipment types on an ISDN access line.

The Mediatrix unit supports the following ISDN reference points:
  • S: The reference point between user terminals and the NT2. This is used in point-to-multipoint BRI connections.
  • T: The reference point between NT1 (Modem) and NT2 (PBX) devices. This is used in point-to- point PRI/BRI connections.
All other ISDN reference points are not supported.


Top

BRI S/T Connection (RJ-48)

Caution: Always use standard telecommunication cables with a minimum of 26 AWG wire gauge.
BRI S/T connections use two pairs of wires: one pair for transmission and the second pair for reception. It is wired so that pins 3 and 6 are on one twisted pair and pins 4 and 5 are on a second pair according to common wiring standards which meet the TIA/EIA 568A and 568B requirements.
Caution: The Mediatrix unit ISDN BRI ports are configurable to operate as network or terminal ports. The pin-out of the sockets is switched according to this configuration. Wrong port configurations, wrong cabling or wrong connections to neighbouring equipment can lead to short circuits in the BRI line powering.


Pin# TE mode NT mode
1 Not Connected Not Connected
2 Not Connected Not Connected
3 Tx + Rx +
4 Rx + Tx +
5 Rx - Tx -
6 Tx - Rx -
7 Not connected Not Connected
8 Not connected Not Connected

Top

PRI Connection (RJ-48)

Caution: Always use standard telecommunication cables with a minimum of 26 AWG wire gauge.
PRI connections use two pairs of wires: one pair for transmission and the second pair for reception. It is wired so that pins 1 and 2 are on one twisted pair and pins 4 and 5 are on a second pair according to common wiring standards which meet the TIA/EIA 568A and 568B requirements.
Note: The Mediatrix unit PRI ports can be used as a T reference point, but not as U reference points (2-wire). Never connect a U PSTN line or a U TE into the Mediatrix unit PRI ports.


Pin # NT Mode TE Mode
1 Transmit #2 (+) Receive #2 (+)
2 Transmit #1 (-) Receive #1 (-)
3 Not connected Not connected
4 Receive #2 (+) Transmit #2 (+)
5 Receive #1 (-) Transmit #1 (-)
6 Not connected Not connected
7 Not connected Not connected
8 Not connected Not connected

Top

Status

Basic ISDN Concepts

Preset Configuration

The ISDN Preset Configuration contains a set of values for the configuration of the parameters used by the ISDN connections.

The preset configuration files are located in the file system persistent memory. Depending on the Mediatrix unit you are using, the available ISDN Preset configuration files will differ or, it may also be possible that no preset configuration files are available depending on the Profile. Preset configuration files are provided by Media5 or can be user-defined, i.e. the current ISDN configuration was exported from a unit.

Using preset configuration files is especially useful for:
  • units that do not use the default values provided by Media5 (for instance, using T1 instead of E1)
  • using the same configuration on several units
IMPORTANT: user-defined presets are not kept in the event of a partial or factory reset. Only script files can be used as preset ISDN configuration files.

Top

Integrated Services Digital Network (ISDN)

ISDN is a set of digital transmission protocols defined by a few international standards body for telecommunications, such as the ITU-T. One or the other of these protocols are accepted as standards by virtually every telecommunications carrier all over the world.

ISDN replaces the traditional telephone system so that one or two pairs of telephone wires can carry voice and data simultaneously. It is a fully digital network where all devices and applications present themselves in a digital form. ISDN is a User-Network Interface (UNI) signalling protocol with a user and a network side.
  • The user side is implemented in ISDN terminals (phones, terminal adapters, etc.)
  • The network side is implemented in the exchange switches of the network operator.
  • Both sides have different signaling states and messages.
The Mediatrix unit ISDN interfaces can be configured to work as user (TE) or network (NT) interfaces. Depending on your product, you can configure two types of ISDN interfaces:
  • ISDN Basic Rate Interface (BRI)
  • ISDN Primary Rate Interface (PRI)

Top
Supported Signaling Protocols
Protocol Description
DSS1 Digital Subscriber Signaling System No.1
DMS100 Digital Multiplex System 100
NI2 National ISDN No.2
5ESS 5 Electronic Switching System
QSIG ECMA's protocol for Private Integrated Services Networks
IMPORTANT: In North America, the official standard is National ISDN2 (NI2). Virtually all 5ESS, DMS100, and GTD-5 switches have been upgraded to use that standard since the early 2000's.The "5ESS" and "DMS100" Signaling Properties settings are provided only for backwards compatibility only with older switches and PBXes, and might not support some functionalities such as Calling Name Delivery.

Top

Auto configuration

The ISDN auto configuration is a process by which all ISDN interfaces try several configuration combination in order to obtain a physical link up and then a signaling link up (PRI interfaces only). The process is started using the Isdn.AutoConfigure command and can be stopped with the Isdn.CancelAutoConfigure command. Starting the command will abruptly terminate all ongoing calls on the ISDN interfaces. Once the auto configuration process completes (successfully or not), a notification is sent reporting the result. If the operation is successful, the following parameters will be set with the values that provided the link up (overwriting the user configuration):
  • Endpoint Type
  • Clock Mode
  • Port Pinout (PRI interfaces only)
  • Line Coding (PRI interfaces only)
  • Line Framing (PRI interfaces only)

Top
ISDN Parameters Auto-Configured by Auto-Sensing
  • PortPinout
  • ClockMode
  • LineFraming
  • LineCoding
  • EndpointType

Top

Basic ISDN Tasks

Auto-Detecting and Auto-Configuring ISDN Interfaces

Context
Note: Some parameters cannot be auto configured. For example, the clock mode is configured according to the endpoint type, master for NT and slave for TE.
Steps
  1. Go to ISDN/Status.
  2. In the Automatic Configuration table, from the selection list, choose the interface you wish to auto configure or select all interfaces.
  3. Click Start Sensing.
    Note: Launching the Automatic Configuration may terminate abruptly all ongoing ISDN calls. The auto-configuration may take some time to complete and some of the current ISDN configuration settings might be replaced by new values.
Result



Top

Verifying the ISDN Status

Context

At any time, it is possible to check the status of the ISDN links.

Steps
  1. Go to ISDN/Status
  2. The Physical Link and Signaling status will be displayed for each interface.
Result

If the ISDN cables are properly connected and the basic interface settings are correct, the Physical Link should be Up.

Note: Signaling will also usually be "Up on PRI links. However, in some cases (BRI, On-demand links), it is normal to be in the Down state, except for a brief period during call establishment.



Top

Advanced ISDN Concepts

Definitions

Term Definitions
Originating Side Where the call is initiated on the ISDN network. At the originating side, the USER (TE) uni-side initiates the call by sending a SETUP message towards the NETWORK (NT). Then, the NT interface redirects the call to some other network, for example SS7 or VoIP.
Destination Side Where the call reaches its ISDN destination. The NT interface at the destination receives the call from another network, then sends a SETUP message over the ISDN link to one or more TE interfaces.
ISDN Interface A physical ISDN port, either a BRI or PRI interface.
IsdnInterface This is the 4th layer of the ISDN stack, referred in ITU-T Q.931 (05/98) as the Resource Management and Call Control entities.

Top

Inband Tones Generation

In an ISDN network, most of the call setup tones are played locally by the TE equipments (i.e. telephone handset), although some require that the tones be played inband by the NT peer.

When interworking with other networks occurs, such as in the IsdnInterface, the need for the tones to be played inband is more likely to arise.

The IsdnInterface has configurability to enable inband tones to be played locally, on a per-interface basis. This option is present when the IsdnInterface is acting as both the NT and the TE UNI-side. However, in TE mode only, the ringback tone is played.

The Call Setup tones (dial tone, ringback, etc.) are played in the direction where the call has been initiated. The call disconnection tones are played in both directions, but of course will not arrive to the peer who disconnected the call.

When an inband tone is played, a Progress Indicator IE #8 "Inband information or appropriate pattern available" is added to the ISDN message corresponding to the call state change, and in a PROGRESS ISDN message if no state change is occurring.

On TE interfaces, as soon as the NT peer advertises that it plays inband tones through a Progress Indicator IE #8 or #1, the local inband tones generation is disabled for the rest of the call. Refer to the UseImplicitInbandInfoEnable interop parameter for special handling of Progress Indicator #1.

Whenever a tone is played inband locally or when the ISDN peer advertises that inband information is available, the CallManager is notified. The IP media path can then be opened earlier in the call, and can be closed with some delay after the call disconnection initiation. However, the configuration and associated behaviors of the higher-level entities are out of the scope of this document.

The following tables summarize the inband tones generation behaviour for both NT and TE endpoint types.

Signal IE Handling Enabled Inband Tones Generation Enabled Inband Tone Played
No No No
No Yes Yes
Yes Don't Care No
Signal IE Handling Enabled Signal IE Received Inband Tones Generation Enabled NT Peer Advertised Inband Tones Inband Tone Played
No Don't care No Don't Care No
Yes Yes No Don't Care Yes
Yes No Don't Care Don't Care No
No Don't Care Yes Yes No
Note: When the signaling protocol is set to QSIG, the Signal IE does not exist so it has no effect on the inband tones generation. These inband tones are played if the inband tones generation is activated on the incoming side of the call.

Top

Signal Handling

The Signal IE is used by the NT ISDN interface to tell its TE interfaces peers that they must generate an inband tone locally. Thus, the Signal IEs are sent by the NT only.

When the Signal IE handling is enabled on a given TE interface, the inband tones will be played towards the IP gateway when a Signal IE is received. On a NT interface, a Signal IE will be inserted in the ISDN messages sent to the TE peer when appropriate.

Note: If the signaling protocol is set to "NI-2" (National ISDN-2) on that interface, the Signal IE handling is forced to be enabled for a NT interface.
Note: When the signaling protocol is set to QSIG, the Signal IE is not used.

Top

Interop Parameters

Interop parameters allow the Mediatrix unit to properly work, communicate, or connect with specific ISDN devices.


Top

Channel Allocation Strategy

The ISDN interface supports 4 allocation strategy modes:
  • ascending;
  • descending;
  • round-robin ascending;
  • round-robin descending.
The Channel Allocation Strategy is configurable separately for each ISDN interface.

Top
Ascending

In this mode, the IsdnInterface always allocates the free channel that has the lowest number.


Top
Descending

The highest-numbered free channel is allocated.


Top
Round-Robin Ascending

Starting from the enabled channel with the lowest number, the channels are selected increasingly at each allocation.


Top
Round-Robin Descending

Same as round-robin ascending, except that it is exactly the opposite!


Top

Ressource Management

Reservation of Channels for Incoming and Outgoing Calls

Channels can be reserved for incoming calls or for outgoing calls.

The IncomingChannelRange and OutgoingChannelRange parameters are defined for this purpose.


Top

Supplementary Services

Supplementary Services Support

Three generic protocols are defined for the control of supplementary services, two of which are stimulus, the third being functional.

These protocols are:
  • Keypad protocol;
  • Feature key management protocol;
  • Functional protocol.
The Functional protocol consists of two categories of procedures. The first category, called the separate message approach, uses separate message types to indicate a desired function. The HOLD and RETRIEVE set of messages are identified for this category.

The FacilityServicesEnable parameter is used to control the second category, called the common information element procedure, which uses the FACILITY information element.

When the facility services are disabled and the interface receives a FACILITY message, it answers it with a STATUS. When the facility services are enabled, the interface processes the FACILITY messages.


Top
CLIP

In ISDN, the Calling Line Information Presentation (CLIP) is an optional service offered to the called party which provides the calling party’s ISDN number. When the service is enabled, a Calling Party Number Information Element (CPN IE) containing the caller’s IA5 digits is sent in the SETUP ISDN message.

CLIP is supplemented by privacy rules defined by CLIR and CLIR Override. Refer to the diagrams in the Interaction between CLIP, CLIR, and CLIR override section for details.

For all ISDN signaling protocols except QSIG, operation is as follows: on the originating side, the TE interface always sends the Calling Party Number IE (unless CLIP is disabled). It is up to the NT interface at the destination side to apply the appropriate privacy rules. If the originating side is NT, the Calling Party number is sent only if the Calling Number parameter is not set to 'Restricted' or if the Override flag parameter is set to 'Enabled'.

CLIP is enabled through the ClipEnable parameter, which can take the following values:

Disable Calling Party Number IE is not sent.
Enable Calling Party Number IE is sent in the SETUP message.
UserOnly Calling Party Number IE is sent in the SETUP message only if the ISDN interface is configured as a TE.

Top
CLIR

The Calling Line Information Restriction (CLIR) is a supplementary service offered to the calling party to restrict presentation of the calling party’s ISDN number to the called party.

CLIR uses the Calling Party Number (CPN) IE’s Presentation Indicator (PI) to disable presentation of the calling number to the called party. CLIR can be disabled by the CLIR override option, described later. Refer to the diagrams in the Interaction between CLIP, CLIR, and CLIR override section for details.

For all ISDN signaling protocols except QSIG, operation is as follows: when the service is enabled on a TE originating interface, the Calling Party Number IE’s Presentation Indicator field is set to "Restricted" upon transmission of an ISDN SETUP message from TE to NT. However, the TE must include the IA5 digits in the Calling Party Number.

When the service is enabled on a NT interface that receives a call, the Calling Party number IE Presentation Indicator is set to "Restricted" in the calling property returned to the call managing system.

For QSIG, when the service is enabled at the outgoing interface, the Calling Party number IE Presentation Indicator parameter is set to 'Restricted'. At the incoming side, this parameter has no effect. However, if the PI flag is set to "Restricted" in the received CPN IE, the calling party number is removed. See ECMA-148 section 8.

CLIR is enabled through the ClirEnable parameter, which can take the following values:

Disable There is no privacy restriction applied on the CLIP service.
Enable
ISDN signaling protocols (except QSIG):
  • TE interface that sends the SETUP message at the originating network side: The PI is set to "Restricted" in the CPN IE inserted in the SETUP message sent to the ISDN. However, the calling number is included in the CPN IE.
  • NT interface that receives the SETUP message at the originating network side: When receiving the SETUP message, the PI is forced to "Restricted" in the CPN IE received from the TE. The calling number itself is forwarded.
QSIG signaling protocol:
  • Sending a SETUP message: The PI is set to "Restricted" in the CPN IE inserted in the SETUP message sent to the ISDN, unless the CLIR override option is set. However, even if PI is set to "Restricted", the calling number is included in the CPN IE.
  • Receiving a SETUP message: If PI is set in the received message, the calling party number is removed, unless the CLIR override option is set.

Top
CLIR Override

CLIR override is an option that allows the calling party number to be presented to the destination party even when the Calling Party Number (CPN) IE’s Presentation Indicator (PI) is set to "Restricted". This option is typically used for police or emergency services.

For all ISDN signaling protocols except QSIG, operation is as follows: if the CLIR Override is enabled on the NT interface at the originating side, the Calling Party Number IA5 digits is included in the Calling Party Number IEs even if the Presentation Indicator is set to "Restricted".

For QSIG, the Calling Line Information Restriction Override is a service offered at the destination interface. If the CLIR Override is not enabled and the Presentation Indicator is set to "Restricted" then the Calling Number is not presented. See ECMA-148 section 8.

Refer to the diagrams in the Interaction between CLIP, CLIR, and CLIR override section for details.

CLIR override is enabled through the ClirOverrideEnable parameter, which can take the following values:

Disable The parameter has no effect.
Enable
ISDN signaling protocols (except QSIG):
  • The override option acts on the NT interface of the destination network side. It prevents the number to be removed from the CPN IE inserted in the SETUP message sent to the destination TE.
QSIG signaling protocol:
  • The override option prevents the calling name to be removed from the CPN IE in a received SETUP message.

Top
Interaction between CLIP, CLIR, and CLIR override

The following diagrams show how CLIP, CLIR and CLIR Override override work together to bring (or not) the calling party number from the call originator to the call destination. Refer to the ISDN Signaling Protocols (Except QSIG) and QSIG Signaling Protocol sections for the corresponding diagrams. Call flow must be read from the left (originating network side) to the right (destination network side).

These diagrams also show on which interfaces the ClipEnable, ClirEnable and ClirOverrideEnable parameters have an effect. This is where they must be configured.


Top
ISDN Signaling Protocols (Except QSIG)
The Mediatrix unit can play four different roles:
  • TE interface at the Originating Network Side;
  • NT interface at the Originating Network Side;
  • TE interface at the Destination Network Side;
  • NT interface at the Destination Network Side.
The following diagram illustrates an end-to-end call where all four roles are played by Mediatrix units:


Top
QSIG Signaling Protocol
In QSIG, the ISDN interfaces have a peer-to-peer relationship.

To describe how CLIP/CLIR/CLIR override work together, we only need to identify the interface that sends the SETUP message and the interface that receives it.




Top
COLP

In ISDN, the Connected Line Identification Presentation is an optional service offered at the originating interface by the NT peer. When the service is enabled, a Connected Line Identification Presentation Element containing the connected number IA5 digits is sent under some conditions in the CONNECT ISDN message.

On the originating side, the TE interface always sends the Connected Party Number IE, it is up to the NT interface at the destination side to apply the appropriate privacy rules. If the originating side is NT, the Connected Party number is sent only if the Connected Number is not set to Restricted or if the Override flag is enabled.

For QSIG, the Connected Line Information Presentation is also an optional service offered at the outgoing and incoming interface. If available, the Connected Party Number IE containing the connected IA5 digits is included in the CONNECT ISDN message at the outgoing interface. However, the Connected Party Number is not presented at the incoming interface if the Connected Number is "Restricted" and the Override flag is not enabled see ECMA-148, section 6.

The COLP can also be affected by the uCP_ISDN_COLP_NUMBER call property in the same way that the CONP is affected by uCP_ISDN_CONP_NAME call property. See CONP section for more information.


Top
COLR

Generally, the Connected Line Identification Restriction is a service offered to the TE at the originating interface.

When the service is enabled on a TE originating interface, the Connected Party Number IE’s Presentation Indicator field is set to "Restricted" upon transmission of an ISDN CONNECT message from TE to NT interface. However, the TE interface must include the IA5 digits in the Connected Party Number.

For QSIG, when the service is enabled at the outgoing interface, the Connected Party number IE Presentation Indicator parameter is set to 'Restricted'. At the incoming side, this parameter has no effect. See ECMA-148 section 8.


Top
COLR Override

In ISDN, the Connected Line Identification Restriction Override is a service offered at the originating interface by the NT peer.

If the CLIR Override is enabled on the NT interface at the originating interface, the Connected Party Number IA5 digits are included in the Connected Party Number IEs even if the Presentation Indicator is set to "Restricted".

For QSIG, this parameter has no effect. See ECMA-148 section 8.


Top
CONP

The Connected Name identification Presentation (CONP) is a supplementary service which provides the name of the answering or alerting user to the calling user.

For ISDN-PBX to IP-PBX calls, if the PrivacyHeadersInResponse parameter is enabled, the uCP_ISDN_CONP_NAME call property will be set from the 180 Ringing, 183 Session Progressing, or 200 OK SIP message accordingly to the values of the P-Asserted-Identity SIP header. If the ConpEnable is enabled, the ISDN CONP called name and connected name will be set accordingly to the value of the uCP_ISDN_CONP_NAME call property respectively in the ISDN Alerting and Connect message.

The following diagram shows a detailed call from ISDN-PBX to IP-PBX with the parameters involved on both the IP and ISDN sides.

For IP-PBX to ISDN-PBX calls, if the ConpEnable parameter is enabled, the uCP_ISDN_CONP_NAME call property will be set from the ISDN Alerting, ISDN Progress, or ISDN Connect from the value of the Called or Connected Name Facility Information Element. If the PrivacyHeadersInResponse parameter is enabled, the P-Asserted-Identity SIP header friendly name will be set to the uCP_ISDN_CONP_NAME call property.

The following diagram shows a detailed call from IP-PBX to ISDN-PBX with the parameters involved on both the IP and ISDN sides.

If the number of characters in the connected/called party name exceeds 50, the gateway will truncate the excess characters.


Top
Facility Message Waiting Delay

Upon reception of a SETUP from the remote peer, the interface can optionally wait for a configurable amount of time for a FACILITY message before processing the call. As soon as it receives a FACILITY message or the delay expires, it goes on with normal call processing. The delay is configured via the MaximumFacilityWaitingDelay parameter.


Top
MSN (Multiple Subscriber Number)

The Multiple Subscriber Number is a service allowing the TE to configure up to three numbers. This service is available only for a BRI interface configured in TE Point To Multipoint. When this service is enabled in the TE, the Called Party Number (Called E.164) received from IE is matched with these numbers. If the Called Party Number is found, the call can be processed. In the case where the E.164 is not matched, the call is silently discarded.


Top
Notify

The NOTIFY is an ISDN service independent of the HOLD and RETRIEVE. It serves only to notify an ISDN endpoint when the remote peer, usually a SIP endpoint, holds or resumes a call. So a NOTIFY REMOTE HOLD message is sent to the ISDN endpoint when the remote peer puts the call on hold, and a NOTIFY REMOTE RETRIEVAL message is sent when the remote peer resumes the call.

If the ISDN SignalingChannelOutgoingNotifyEnable paramater is disabled, no NOTIFY message is sent.

The BRI phone can use this message to inform the user of the new call state, by displaying the remote hold or retrieval message on its LCD screen for example. Note that the BRI phone keeps the voice path opened, so the hold tone or MOH can be heard.


Top
Calling Party Name
Calling Party Name can be received and sent through three different methods:
  • Facility information element;
  • Display information element;
  • User-User information element.
When receiving an incoming call, the Calling Party Name value comes from the provided IE, in this order:
  • Display
  • Facility
  • User-User

Calling Party Name is accepted in a Display Information Element only when explicitly identified as a Calling Party Name (i.e. only when "Display Type" = "Calling Party Name" in the information element).

When initiating a call, Calling Party Name is sent according to the method selected in the CallingNameDelivery parameter. If the method selected in the CallingNameDelivery parameter is not supported for the protocol in use, the default method for this protocol is used. The following table shows which method is used vs configuration of CallingNameDelivery:
Protocol CallingNameDelivery
eFacility eDisplay eUserUser eSignalingProtocol
DSS1 IE User-User IE User-User IE User-User IE User-User
Dms100 IE Facility IE Display IE Display IE Display
NI-2 IE Facility IE Facility IE Facility IE Facility
5ESS IE Facility IE Facility IE User-User IE Facility
QSIG IE Facility IE Facility IE Facility IE Facility

Top
Call Rerouting

The Call Rerouting supplementary service allows to reroute an incoming public ISDN call (originated from PSTN) within or beyond the private ISDN network (such a PBX) as specified in the ETS30020701, section 10.5. The Rerouting data are received and relayed through a FACILITY message containing a Facility Information Element. The Rerouting data are encoded in a CallRerouteing invoke component as specified in the ETS30020701, section 7.

In a Mediatrix typical CallRerouting scenario, when the CallRerouting supplementary service is enabled (the Isdn.SignalingChannelFacilityServicesEnable parameter is enabled and the Isdn.SignalingChannelCallReroutingBehavior parameter is set to "RelayReroute" or "ProcessLocally") and a Facility Information Element containing a CallRerouteing invoke component is received via a FACILITY message on a TE endpoint (from the private network), the ISDN service parses the CallRerouting data and forward it to the CallManager via a specific CallMessage.

To prevent infinite CallRerouting loops, the ISDN service inspects the rerouteingCounter value and returns an error if a loop is detected or if the maximal rerouteingCounter value allowed by the ETS300 207 01 is reached (>5). When the CallRerouting service is not supported (Isdn.SignalingChannelFacilityServicesEnable parameter is disabled or Isdn.SignalingChannelCallReroutingBehavior set to "Unsupported"), the CallRerouting request is automatically rejected.

Upon reception of a CallMessage specifying a Rerouting request, the ISDN service inspects the CallRerouting properties set and according to the Isdn.SignalingChannelCallReroutingBehavior parameter, the services takes an action. If the parameter is set to "RelayReroute", a Facility Information Element containing a CallRerouteing invoke component is transmitted to the ISDN peer (public network side) via a FACILITY message. The ISDN service waits for an answer from the peer.

If the parameter is set to "ProcessLocally" or a negative CallRerouting answer is received (a negative answer received would mean that the public network side (PSTN) is unable to complete the call Rerouting request), the Isdn service initiates a new call to process locally the call Rerouting request. The new call is requested to the CallManager without specifying a destination interface to force the CallRouter service to select the appropriate route. If the new call is routed to an ISDN interface, the ISDN service sends a SETUP containing a DivertingLegInformation2 invoke component in the Facility IE as specified in the ETS 300 207 01, section 10.2 and section 10.4. The data related to the call diversion set in the DivertingLegInformation2 are transferred from the CallRerouting properties.

Note: Upon reception of the CallMessage requesting a Rerouteing, the ISDN service automatically releases the current call whatever if the Isdn.SignalingChannelCallReroutingBehavior parameter is set to "RelayReroute" or "ProcessLocally".

An illustration of a typical ISDN Call Rerouting scenario (Call Forward Unconditionnal) in a Mediatrix device would be as the following sequence diagram:




Top
Malicious Call Identification

Malicious Call Identification (MCID) is a supplementary service that enables the service provider to identify the source of malicious calls. A user who receives a malicious call from another network can notify the PSTN of the malicious nature of the call, allowing the offnet system to take action, such as notifying legal authorities.

To invoke the MCID supplementary service, the called user shall send a mCIDRequest invoke component carried by a Facility information element in a FACILITY message.

To indicate that the service has been accepted, the network shall send:
  • if accepted, a mCIDRequest return result component, or
  • if rejected, a mCIDRequest return error component carried by a Facility information element in a FACILITY message

For customer needs, the mCIDRequest invoke can be sent from both Network and User sides. This behavior does not follow the signaling flow in EN 300 130-1 Annex A which stipulates that the mCIDRequest invoke is only sent from the User side to Network side.

To enable the MCID supplementary service, the Isdn.SignalingChannelFacilityServicesEnable and Isdn.SignalingChannelMcidEnable parameters must both be set to Enable. Further more, the MCID feature is only available for DSS1 signaling.

An illustration of a typical ISDN MCID scenario in a Mediatrix device:


Top
InformationFollowing Operation

The "informationFollowing" operation is supported for NI2 signaling only.

When a SETUP message is received containing an "informationFollowing" operation, the unit immediately sends a PROCEEDING message. The unit then waits normally for a FACILITY message containing the calling party name, for a maximum time configured with the MaximumFacilityWaitingDelay parameter.

The only difference between this behavior and the usual behavior (i.e. without the "informationFollowing" operation), is the immediate sending of the PROCEEDING message before waiting for the calling party name.

Note that the "informationFollowing" operation is mutually exclusive with the configuration parameter CallProceedingDelay, which configures a delay before sending the PROCEEDING message. If the PROCEEDING message is sent due to the "informationFollowing" operation, the CallProceedingDelay parameter is ignored.


Top
Advice of Charge

To enable the Advice of Charge (AOC) support on the ISDN interface you must enable the FACILITY services and at least one of the following AOC support: AOC-E (End of Call) or AOC-D (During the Call).

Note: Since the AOC from ISDN interface to SIP is currently not supported, enabling the AOC on an ISDN interface configured as TE (user side) is only meaningful when using hairpinning.

Top

Default Values for Call Properties

Each ISDN interface can be configured with default values for the following parameters in the Calling Party Number IE and the Called Party Number IE.

These default values apply only to outgoing ISDN calls:
Information Element (IE) Parameter Configuration Parameter
Calling Party Number Type of Number (TON) DefaultCallingTon
Calling Party Number Numbering Plan Indication (NPI) DefaultCallingNpi
Calling Party Number Presentation Indicator (PI) DefaultCallingPi
Calling Party Number Screening Indicator (SI) DefaultCallingSi
Called Party Number Type of Number (TON) DefaultCalledTon
Called Party Number Numbering Plan Indication (NPI) DefaultCalledNpi

These parameters provide default values that are inserted in the Calling Party Number IE and the Called Party Number IE when these values are not already provided by the call properties.

Another way to control these values is by using the "Properties Manipulation" feature of the Call Router. This method has precedence over the parameters described here.

The following paragraphs provide additional information on how these parameters work:
  • TON and NPI: If the value is not available from the Call Properties, the corresponding value from DefaultCallingTon, DefaultCalledTon. DefaultCallingNpi or DefaultCalledNpi parameter is used directly.
  • PI: If PI is not available from the Call Properties, its value is determined by the following two steps.
    • First, it is set to the default value defined by "DefaultCallingPi".
    • Second, it can be overridden by the CLIP and CLIR services: the value can be set to "Restricted" by the CLIR service and the value can be set to "NotAvailable" if there is no number to forward.
  • SI: Like the other parameters, the DefaultCallingSi parameter is ignored if the SI value is provided by the Call Properties. If SI is not provided by the call properties, it is set to the value provided by DefaultCallingSi except for one special case: when the DefaultCallingSi parameter is set to "Context Dependent", the unit applies internal rules to set SI to the value that makes most sense according to context. These internal rules are as follows:
    • For all signaling protocols except QSIG:
      • If interface is configured as NT (network side), SI is set to "NetworkProvided"
      • If interface is configured as TE (user side), SI is set to "UserProvidedNotScreened"
    • For QSIG signaling protocol:
      • If the calling party number string is not empty, SI is set to "UserProvidedVerifiedAndPassed"
      • If the calling party number string is empty, SI is set to "NetworkProvided"

Top

Advanced ISDN Tasks

Exporting a Preset Configuration File

Before you begin
If you are using a user-defined preset configuration file, do not forget to upload it through the file management system.
Steps
  1. Go to ISDN/Status.
  2. In the ISDN Preset Configuration table, in the Preset Name field, enter the name for the exported preset configuration file.
    Note: We strongly recommend indicating the type of unit and date of export as the name of the preset configuration file. For example: MTX4400_20170823.
  3. Click Save.
Result


The preset configuration file will be displayed under Management/File, in the Internal files table.

Top

Primary Rate Interface

PRI (E1/T1) Configuration

Important Information for North America

Mediatrix units are configured to default for E1, which is used in most countries in Europe, Middle-East, Africa and Oceania. For the T1 interface used in North America, some settings MUST be changed.

Setting T1 (North America) E1 (Default)
Line Coding B8ZS HDB3
Line Framing ESF (usually), or SF(D4) CRC4 (usually), or NO-CRC4
Signaling Protocol NI2 (usually) DSS1 (usually)
Preferred Encoding Scheme u-Law a-Law
Fallback Encoding Scheme a-Law u-Law
Channel Range 1-23 1-30

Top

Supported Signaling Protocols

Protocol Description
DSS1 Digital Subscriber Signaling System No.1
DMS100 Digital Multiplex System 100
NI2 National ISDN No.2
5ESS 5 Electronic Switching System
QSIG ECMA's protocol for Private Integrated Services Networks
IMPORTANT: In North America, the official standard is National ISDN2 (NI2). Virtually all 5ESS, DMS100, and GTD-5 switches have been upgraded to use that standard since the early 2000's.The "5ESS" and "DMS100" Signaling Properties settings are provided only for backwards compatibility only with older switches and PBXes, and might not support some functionalities such as Calling Name Delivery.

Top

Important PRI Settings

Endpoint Type, Clock Mode, and Port Pinout
These settings should normally be auto-detected (Step 1)
Signaling Protocol

Refer to the Supported Signaling Protocols section.

Fallback Encoding Scheme

Only valid when receiving a SETUP message. The user sending the SETUP message does not indicate an alternative bearer capability.

Channel Range

This is typically used for fractional T1 or E1 service.

  • Channels start at 1 and make abstraction of the synchronisation and signaling timeslots.
  • Channels outside of the range defined for this field are ignored. For example:
    • Fractional T1 512K: Channel Range 1-8 (corresponds to B channels 1-8, D channel 24)
    • Fractional E1 on ramp 10: Channel Range 1-10 (corresponds to timeslot 0 + B channels 1-10 + D channel 16)
    • Fractional E1 on ramp 10: Channel Range 1-20 (corresponds to timeslot 0 + B channels 1-15 + D channel 16 + B channels 17-21)
Channels Reserved for Incoming Calls and Channels Reserved for Outgoing Calls
  • Bearer channels are by default usable for both incoming and outgoing calls. Use this range to reserve channels for incoming or outgoing calls.
  • Channels outside of the range defined by ChannelRange parameter are ignored.
  • Channels reserved in both IncomingChannelRange and OutgoingChannelRange parameters are considered usable for both incoming and outgoing calls.
  • The space character is ignored and duplication is not allowed.
  • Channels must be specified in low to high order.
Calling Name Max Length

The value for calls from SIP to ISDN is set to 34 by default, but ranges from 0 to 82.Some telephone companies do not allow customers to pass Calling Name and will drop calls if it is not set to zero.

Interface Configuration

Call properties set in the Call Router have precedence over the default values of the table. For more details on the Call Router, refer to the Call Router user guide published published on the Media5 documentation portal at https://documentation.media5corp.com/.


Top

Using a Preset Configuration File

Before you begin
If you are using a user-defined preset configuration file, do not forget to upload it through the file management system, under Management/File.
Steps
  1. Go to ISDN/Status.
  2. In the ISDN Preset Configuration table from the Local Preset list, choose the preset configuration file you wish to import.
    Note: In North America, the PRI_NorthAmerica-NI2.cfg contains the recommended settings for a connexion with most of the telephone operators.
  3. Click Apply.
Result
The preset configuration file will be uploaded to the unit and applied.
Note: In most cases, the unit will be restarted. Please wait a few minutes for the operation to complete, then log-in again into the Web interface of the unit.



Top

Associating a PRI Port to a Line Type and Protocol

Steps
  1. Go to System/Hardware.
  2. In the PRI Ports Configuration table, from the Line Type selection list, select either E1 or T1.
  3. From the Signaling selection list, associate a type of signaling to the PRI port.
  4. Click Apply.
  5. Restart the unit.
Result
The selected line type will appear under ISDN/Primary Rate Interface. This is an example of a PRI port association.


Top

Configuring the E1T1 Interface (PRI)

Before you begin
Endpoint Type, Clock Mode, and Port Pinout: These settings should normally be auto-detected , therefore, always use Auto-Detecting and Auto-Configuring ISDN Interfaces procedure first to automatically detect and to automatically configure your PRI interface. The manual configuration of the PRI interface should be used for fine tuning of the configuration.
Context
Note: Before you start, refer to the Important Information for North America section
Steps
  1. Go to ISDN/Primary Rate Interface.
    Note: ISDN ports can be configured while they are active. However they are internally disabled to modify the configuration and then re-enabled. All active calls on the port are dropped during this process. Configuration changes should only be performed during planned down times. Most of the ISDN parameters change require a restart of the ISDN service to be applied.
  2. From the Select Interface drop box, select the E1/T1 interface you wish to modify.
    Note: Depending on the Mediatrix model, there may be several interfaces.
  3. Modify the parameters as required.
  4. Click Apply.
Result

Top

Advanced Primary Rate Interface (PRI) Tasks

Modifying Port Pinout

Steps
  1. Go to ISDN/Primary Rate Interface.
    Note: Not all PRI and/or BRI platforms support Port Pinout.
  2. In the Interface Configuration table, set the Port Pinout to reflect your configuration.
Result



Top

Basic Rate Interface (BRI)

ADvanced BRI Tasks

Configuring the BRI Interface

Before you begin
Always use the Auto-sensing feature to automatically detect and to automatically configure your PRI interface. Use the Auto-Detecting and Auto-Configuring ISDN Interfaces procedure first. The manual configuration of the BRI interface should be used for fine tuning of the configuration.
Context

It is important to take into consideration the following information:

  • Endpoint Type: Values used for the Mediatrix unit must be opposite to the value used for the PBX. For instance, if the PBX is set to TE, then the Mediatrix unit must be set to NT. When the BRI interface Signaling Protocol is set to QSIG, the endpoint type is only used in the second layer (LAPD) since it is a concept that does not exist in QSIG. NOTE: To use a specific interface as the clock reference, this parameter must be set to TE. For more information on Clock Synchronisation, refer to the Technical Bulletin - Mediatrix Gateways and ISDN Synchronisation and Synchronising Unit Operation (TDM Sync) published on the Media5 documentation portal at https://documentation.media5corp.com/ .
  • Preferred Encoding Scheme: Only G.711 u-Law and G.711 a-Law codecs are allowed. G.711 u-Law may not be supported by DSS1 NT and TE endpoints. It is recommended to use G.711 a-Law as preferred encoding protocol.
  • Fallback Encoding Scheme: Only G.711 u-Law and G.711 a-Law codecs are supported. Only valid when receiving a SETUP message. The user sending the SETUP message does not indicate alternative bearer capability.
  • Clock Mode: "Auto" should be the value to use. In a BRI configuration, setting the clock mode to slave for a NT endpoint can be set for interop usage, while setting the clock mode to master for a TE endpoint is invalid (slave mode is automatically applied in this case). For more information on Clock Synchronisation, refer to the Technical Bulletin - Mediatrix Gateways and ISDN Synchronisation and Technical Bulletin - Synchronising Unit Operation (TDM Sync) published on the Media5 documentation portal at https://documentation.media5corp.com/ .
  • Calling Name Max Length: The value for calls from SIP to ISDN ranges from 0 to 82.
  • Exclusive B-Channel Selection: When the parameter is enabled only the requested B channel is accepted when a call is initiated; if the requested B channel is not available, the call is cleared.
  • Monitor Link State Parameter: When enabled with the Ignore OPTONS on no usable endpoints also enabled under the SIP/Interop page, this will influence how the SIP options are answered.
  • Connection Type: depends on the equipment to which the Mediatrix unit port is connected to and it must be the same for all interconnected pieces of equipment.
  • Signaling Protocol: Must match the connected ISDN equipment or network.
  • TEI Negotiation : Only applies on Point to Multipoint connections.
  • Call properties set in the Call Router have precedence over the default values of the Interface Configuration table. For more details on the Call Router, refer to the DGW Configuration Guide - Call Router user guide published on the Media5 corp documentation portal at https://documentation.media5corp.com/ .
  • In strings, the space character is ignored and duplicating causes is not allowed.
  • Some ISDN switches may require that the Sending Complete information element be included in the outgoing SETUP message to indicate that the entire number is included and there are no further destination digits to be sent.
  • An ISDN telephone may send INFORMATION messages that contain a “Keypad Facility”. You can thus trigger a supplementary service (Hold, Conference, etc.) by sending a keypad facility. Since the keypads can be received via several INFORMATION messages, they are accumulated until they match or reset if the keypad reception timeout (second) has elapsed since the last keypad has been received. The keypad reception timeout can only be modified via SNMP. If the keypad reception timeout is set to 0, it disables the timeout, thus assuming that all keypads will be received in a single INFORMATION message
Steps
  1. Use the Auto-Detecting and Auto-Configuring ISDN Interfaces procedure first.
  2. Go to ISDN/Basic Rate Interface.
  3. From the Select Interface drop-box, select the BRI interface you wish to modify.
    Note: Depending on the Mediatrix model, there may be several interfaces. To configure more than one interface at a time, use the Apply To The Following Interfaces table.
  4. Make all required changes to the displayed parameters.
  5. Click Apply.

Top

Setting the Clock Mode

Steps
  1. Go to ISDN/Basic Rate Interface.
  2. In the Select Endpoint dropdown menu, select the endpoint you want to configure.
  3. In the Interface Configuration table, set the Clock Mode.
Result



Top

Interop

Advanced Interop Concepts

Interop Parameters

Interop parameters allow the Mediatrix unit to properly work, communicate, or connect with specific ISDN devices.


Top

Advanced Interop Tasks

Configuring Interop Parameters

Context
Interop parameters can be configured for PRI and BRI interfaces.
Steps
  1. Go to ISDN/Interop.
  2. From the Select Interface drop down, choose the interface for which you wish to configure the interop parameters.
    Note: To select more than one interface at a time, if available on the unit, use