BRKCOL-2125

Enabling SIP Trunking for

premise and cloud based
collaboration deployments

Hussain Ali, CCIE# 38068 (Voice, Collaboration)

Technical Marketing Engineer
Dilip Singh, CCIE# 16545 (Collaboration)
Technical Leader
Agenda
• CUBE Overview and SIP Trunk Sizing
• CUBE Architecture (Physical & Virtual)
• Transitioning to SIP Trunking using CUBE
• Advanced features on CUBE
• CUBE + SRST Colocation
• Futures & Key Takeaways

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
CUBE Overview and
Sizing
Collaboration Deployment

DEMARC
Enterprise LAN ITSP WAN (SIP Provider)
PSTN (PRI/FXO)
Unified CM
TDM Backup
(Not available in
10.10.1.20

10.10.1.21 vCUBE)

66.77.37.2
Gig0/0
PSTN
Gig0/1
CUBE 128.107.214.195
SIP

DEMARC
H.323

RTP

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 5
 CUBE (Enterprise) Product Portfolio
50-150 ASR 1004/6 RP2
Introducing CUBE on ASR 1002-X
50-100 CSR
ASR 1001-X
vCUBE [Performance
dependent on vCPU and ISR 4451-X
memory] ISR 4431
20-35 3900E Series ISR-G2
(3925E, 3945E)
CPS

ISR 4351
17

3900 Series ISR-G2 (3925, 3945)

ISR-4K (4321, 4331)

8-12

Note: SM-X-PVDM module

2900 Series
ISR-G2 (2901, 2911, 2921, 2951)

<5
supported on XE3.16 or later
800 ISR
for ISR 4K platforms

4 <50 500-600 900-1000 2000-2500 4000 4500-6000 7000-10,000 12K-14K 14-16K

Active Concurrent Voice Calls Capacity

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 6
CUBE Software Release Mapping
ISR G2 ASR 1K / ISR-4K/vCUBE (CSR)
CUBE 2900/ CUBE
Vers. 3900
FCS
Vers. IOS XE Release 16 2 FCS

11.5.14 15.6(2)T14 Mar 2016 N/A 3 16.2.13 Mar 2016

11.5.2 15.6(3)M1 Dec 2016 11.5.23 16.3.2/16.4.13 Nov 2016
EOL EOL EOL 11.6.0 16.5.1 Mar 2017
EOL EOL EOL 12.0.0 16.6.1 July 2017
EOL EOL EOL 12.0.0 16.7.1 Nov 2017
EOL EOL EOL 12.1.0 16.8.1 Mar 2018
EOL EOL EOL 12.2.0 16.9.1 July 2018
EOL EOL EOL 12.5.0 16.10.1a Nov 2018
2 IOS-XE 16 requires a minimum of ASR1001-X, 1002-X, 1004/1006 RP2, ESP20 (Embedded Service Processor, SIP40 (SPA Interface processor)

3 IOS-XE release 16.2.1 does not support CUBE functionality on the platforms. There is no CUBE version 11.5.1 for the XE based pla tforms. All CUBE features from 11.5.0 (IOS-XE 3.17) and earlier versions
along with CUBE 11.5.1 (March 2016 release) on ISR G2 are included in CUBE release 11.5.2 for the IOS -XE based platforms, IOS-XE release 16.3.1 [July 2016 release]
4 IOS 15.6(2)T will show CUBE Release version to be 12.0.0 but due to DDTS# CSCuz43735, rebuilds for this release train will align to CUBE release 11.5.1, that is 15.6(2)T1/T2/T3/T4 and so on will be
CUBE version 11.5.1

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 7
CUBE Interoperability
Cisco Interoperability Portal: • Validated with Service
www.cisco.com/go/interoperability Providers World-Wide
• Independently Tested
with 3-Party PBXs in
tekVizion Labs
• Standards based
Verified by

Proven Interoperability and Interworking with

Service Providers Worldwide

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 8
Sizing Enterprise CUBE
deployments
NOTE : Sizing information is only intended
as a guideline. Actual session count will
vary based on the number of features
turned on the ISR/ASR/CSR along with
CUBE and the IOS-XE version being used.
CUBE Session Capacity Summary For Your
Reference

Platform CUBE SIP-SIP IPT Sessions (Audio)

NanoCUBE (8XX and SPIAD Platforms) 15 - 120
2901 – 4321 100
2911 – 2921 200 – 400
4331 500 • Flow thru
2951 600 • RTP-RTP
3925 – 3945 800 – 950
• IPT
4351 1000
3925E – 3945E 2100 – 2500 • 711-711
4431 3000
4451 6000
ASR1001-X 12000
ASR1002-X 14000
ASR1004/1006 RP2 16000

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 10
CUBE ENT on ISR 4K Series
Audio Session Capacity with Additional Features: XE16.6 and later
CPS 1 Total # of SW CUBE + CUBE + Xcoding2
Platform Flow-thru MTP 3 SW
(Memory4) calls5 MTP 3 Xcoded Calls w/ Simultaneous
(Estimates) PVDM4-256 Non-Xcoded Calls

4321 (4GB) 4 100 250 71 100 CUBE FT sessions

maxed
4331 (4GB) 8 500 600 250 128 372
4351 (4 GB) 10 1000 1000 500 128 872
4431 (8 GB - CP) 15 3000 1500 750 128 2872
4451 (8 GB - CP) 40 6000 3000 1500 128 5872
1. CPS and session counts listed are independently tested. Session capacities [Total # of Flow-thru calls] can be achieved at about half
the CPS listed in the Calls Per Second (CPS) column.
2. Transcoding is limited by DSP capacity. ISR4K has one PVDM4 motherboard slot and 128 sessions is based on a single PVDM4-256.
(G729r8-G711)
3. S/W MTP numbers are for standalone SW MTP sessions and CUBE+SWMTP numbers are for the maximum number of CUBE sessions
supported with each session utilizing a SW MTP on the same platform
4. All tests were done with 4 GB of RAM with the exception of 4451/4431 where 8 GB was used [8GB CP and 2GB DP]
5. Total calls are derived with 180 seconds call hold time

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 11
CUBE Sizing Guidelines
• All deployments for CUBE Ent must be done with 16GB of memory for
ASR1K series, 8 GB (Control Plane memory) for ISR4400 series, 4 GB for
ISR4300 series, and 2 GB for ISR G2 series
• Session count (end to end calls through CUBE) is dependent on the
amount of memory in the box. Numbers listed in the datasheet assume
above memory requirements are being satisfied
• CPS is dependent on the CPU of the platform
• Complex call flows (Cisco UCCE) can reduce CUBE CPS and session count
by upto 75% on ISR 4K/ASR1K series
• CUBE HA has less than 5% impact on number of sessions under full load

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 12
CUBE Sizing Guidelines
• SRTP with SIP TLS : Numbers will vary based on crypto algorithm and codec used
• SIP Header manipulation through SIP profiles has less than 5% impact on number of
sessions. Impact of SDP manipulation will be slightly higher compared to SIP
headers. For example, 6% for changing the codec order in the m-lines
• Media forking for call recording can have a 50% impact on IPT session count
regardless of the call type (IPT or UCCE) being recorded
• ASR1K Series : Recommendation is to use an RP2 based platform with a minimum of
ESP20 (1004/1006). Additionally 1001-X and 1002-X are recommended for CUBE
deployments instead of 1001 and 1002 respectively. ASR1001, ASR1002, ESP 5,
ESP 10, RP1, and SIP10 will not be supported in the IOS XE 16 releases

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 13
 CUBE Performance : DSP Considerations
• Transcoded (Xcoded) Session Count: is based on the DSP capacity for all ASR1K and ISR 4K
series
• An ISR4K with a single motherboard PVDM slot can have a maximum of PVDM4-256. Each
PVDM4-256 supports
1. 256 transcoding sessions if using a Low Complexity (LC) codec. E.g. g711alaw <-> g711ulaw
2. 192 xcoding sessions if using a Medium Complexity (MC) codec. E.g. g729abr8/g729ar8 <-> g711
3. 128 sessions if using High Complexity (HC) codec. E.g. g729r8/g729br8 <-> g711 (64 w/PVDM4-128)

• By default IOS-XE devices have codec complexity set to flex to have the max call density and as
such they do g729ar8 even when the CLI says codec g729r8 under a dial-peer or voice class
codec
• On ISR 4K series you can have more DSP capacity by using an SM-X-PVDM module or by
oversubscribing a T1/E1 NIM with extra DSP channels by using a larger DSP PVDM4 than
required for module density of voice T1 ports. These extra DSP channels can be used for voice
IP services (xcoding, conferencing, MTP) and can be pooled together with the on-board PVDM4
and extra DSP channels on separate T1/E1 NIM slot to create a larger DSPfarm

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 14
 Sample ISR4K CUBE Sizing
• An enterprise is looking for an SBC to support 800 IP
telephony sessions and an additional 100 Cisco CPS CUBE
Contact Center agent calls. All CC calls must be Platform
Sessions
recorded. G711 is used throughout but 50 remote
4321 4 100
agent phones will require G729r8. Additionally their
CUCM will require 200 S/W MTP sessions. 4331 8 500

• 800 IP telephony sessions = +800 IPT calls 4351 10 1000

4431 15 3000
• 100 Contact Center calls = +400 IPT calls
4451 40 6000
• A call that needs to be recorded = an IPT call, +100
IPT calls (Call Recording) TOTAL = 1500 CUBE sessions

• PVDM4-128 for transcoding But CPS expected is 20

• 1 S/W MTP session ~ 1 CUBE IPT session, +200 IPT Deploy a 4451 or two
calls (S/W MTP sessions) 4351s w/CUSP
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 15
Agenda
• CUBE Overview and SIP Trunk Sizing
• CUBE Architecture (Physical & Virtual)
• Transitioning to SIP Trunking using CUBE
• Advanced features on CUBE
• CUBE + SRST Colocation
• Futures & Key Takeaways

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 16
CUBE Call Flow
CUBE Call Processing CUBE

• Actively involved in the call treatment, signalling

and media streams IP
• SIP B2B User Agent Media Flow-Through
• Signalling is terminated, interpreted and re-  Signaling and media terminated by the Cisco
originated Unified Border Element
 Transcoding and complete IP address hiding
• Provides full inspection of signalling, and protection require this model
against malformed and malicious packets

• Media is handled in two different modes: CUBE

• Media Flow-Through IP
• Media Flow-Around
Media Flow-Around
• Digital Signal Processors (DSPs) are only  Only Signaling is terminated on CUBE
required for transcoding (calls with dissimilar  Media bypasses the Cisco Unified Border
codecs) Element

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 18
CUBE Architecture
ISR G2 vs ASR1K vs ISR 4K
vs vCUBE (CUBE on CSR)
ASR/ISR-4K & ISR-G2 Architecture Comparison
ASR/ISR-4K (IOS-XE) Architecture ISR G2 Architecture
CPU
IOS
RP Control Plane Control
Plane
IOS-XE IOS-XE
Signaling

Signaling
I/O I/O
Kernel Data Plane
 ISR: Pkt fwd’ing and signaling are handled by the
Msg I/f same CPU

 ASR: Pkt fwd’ing and signaling are handled by

different CPUs
I/O ESP I/O
‒ ESP must be programmed or instructed by the
control plane to do specific media functions
Data (Forwarding) Plane
‒ Performed by Forwarding Plane Interface (FPI)

Media
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 20
Virtual CUBE (CUBE on CSR 1000v)
Architecture
• CSR (Cloud Services Router) 1000v runs on a Hypervisor – IOS
XE without the router
ESXi Container

RP (control plane) ESP (data plane) FFP code

Chassis Mgr. QFP Client Chassis Mgr.

IOS-XE Forwarding Mgr. / Driver Forwarding Mgr.

CUBE signaling CUBE media processing

Kernel (incl. utilities)

Virtual CPU Memory Flash / Disk Console Mgmt ENET Ethernet NICs

CSR 1000v (virtual IOS-XE)

Hypervisor vSwitch NIC

X86 Multi-Core CPU Memory Banks Hardware GE … GE

Virtual CUBE (CUBE on CSR 1000v) – Cont’d
• CSR1000v is a virtual machine, running on x86 server (no specialized hardware) with
physical resources are managed by hypervisor and shared among VMs
• Requires APPX (No TLS/SRTP) or AX (All vCUBE features) CSR licensing package to
access voice CLI and increase throughput from 100 kbps default. CUBE Licensing
follows ASR1K SKUs and still trust based
• No DSP based features (transcoding/inband-RFC2833 DTMF/ASP/NR) available
• vCUBE tracks only the next vSwitch interface resulting in SSO of vCUBE-HA only
due to software failures (active vCUBE crashing/reloading)
• vCUBE Tested Reference Configurations [UCS base-M2-C460, C220-M3S, ESXi
5.1.0 & 5.5.0]. ESXi 6.0 supported with IOS-XE 16.3.1 or later

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 22
Agenda
• CUBE Overview and SIP Trunk Sizing
• CUBE Architecture (Physical & Virtual)
• Transitioning to SIP Trunking using CUBE
• Advanced features on CUBE
• CUBE + SRST Colocation
• Futures & Key Takeaways

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 23
Step 1:
Configure CUCM to route calls to the edge SBC
SIP Trunk Pointing to CUBE
Standby

CUBE
A
Active IP PSTN

CUBE
Enterprise CUBE with High
Campus Availability

MPLS
• Configure CUCM to route all PSTN
PSTN is now
calls (central and branch) to used
CUBE only for
(Gig0/0 emergency
in our slides) via a SIP trunk
SRST calls over
FXO lines
• Make sure all different patterns of
calls – local,
CME long distance,
international, emergency,TDM PBX
informational
Enterprise etc.. are pointing to
Branch Offices
CUBE BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 24
Step 2: Get details from SIP Trunk provider
Item SIP Trunk service provider requirement Sample Response
1 SIP Trunk IP Address (Destination IP Address for INVITES) 66.77.37.2 or DNS
2 SIP Trunk Port number (Destination port number for INVITES) 5060
3 SIP Trunk Transport Layer (UDP or TCP) UDP
4 Codecs supported G711, G729
5 Fax protocol support T.38
6 DTMF signaling mechanism RFC2833
7 Does the provider require SDP information in initial INVITE (Early offer Yes
required)
8 SBC’s external IP address that is required for the SP to
128.107.214.195
accept/authenticate calls (Source IP Address for INVITES)
9 Does SP require SIP Trunk registration for each DID? If yes, what is the No
username & password
10 Does SP require Digest Authentication? If yes, what is the username & 408-944-7700
password BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 25
Step 3: Enable CUBE Application on Cisco routers
1. Enable CUBE Application
voice service voip
mode border-element license capacity 20  License count entered here not enforced though this CLI is
required to see “show cube” CLI output
allow-connections sip to sip  By default IOS/IOS-XE voice devices do not allow an incoming
VoIP leg to go out as VoIP

2. Configure any other global settings to meet SP’s requirements

voice service voip
media bulk-stats  To increment Rx/Tx counters on IOS-XE based platforms. W/O this CLI,
it will show 0/0 (CPU intensive CLI)
sip
early-offer forced
3. Create a trusted list of IP addresses to prevent toll-fraud
voice service voip
ip address trusted list  Applications initiating signaling towards CUBE, e.g. CUCM, CVP,
ipv4 66.77.37.2 ! ITSP SIP Trunk Service Provider’s SBC. IP Addresses from dial-peers with “session target
ipv4 10.10.1.20 ! CUCM ip” or Server Group are trusted by default and need not be populated here
sip
silent-discard untrusted  Default configuration starting XE 3.10.1 /15.3(3)M1 to mitigate TDoS Attack

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 26
Step 4: Configure Call routing on CUBE

10.10.1.20

66.77.37.2
10.10.1.21 128.107.214.195

• Dial-Peer – “static routing” table mapping phone numbers to interfaces or IP addresses

• LAN Dial-Peers – Dial-peers that are facing towards the IP PBX for sending and receiving call legs to
and from the PBX. Always bind LAN interface(s) on CUBE to LAN dial-peers, ensuring SIP/RTP is
sourced from the intended LAN interfaces(s)

• WAN Dial-Peers – Dial-peers that are facing towards the SIP Trunk provider for sending and
receiving call legs to and from the ITSP. Always bind CUBE’s WAN interface(s) to WAN dial-peer(s).

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 27
WAN Dial-Peer Configuration
Inbound Dial-Peer for call legs from SP to CUBE
dial-peer voice 200 voip
description *** Inbound WAN side dial-peer *** Specific to your DID range
incoming called-number +1408944 . . . . $
session protocol sipv2
assigned by the SP
voice-class sip bind control source gig0/1
voice-class sip bind media source gig0/1
Apply bind to all dial-peers when
codec g711ulaw CUBE has multiple interfaces.
dtmf-relay rtp-nte Gig0/1 faces SP.
no vad
Outbound Dial-Peer for call legs from CUBE to SP
dial-peer voice 201 voip Translation rule/profile to strip the
description *** Outbound WAN side dial-peer *** access code (9) before delivering
translation-profile outgoing Digitstrip the call to the SP
destination-pattern 91[2-9]..[2-9]......$
session protocol sipv2 Dial-peer for making long distance
voice-class sip bind control source gig0/1 calls to SP, based on NANP (North
voice-class sip bind media source gig0/1
American Numbering Plan)
session target ipv4:66.77.37.2 ! ITSP SIP Trunk
codec g711ulaw Note: Separate outgoing DP to be created for Local, International,
dtmf-relay rtp-nte Emergency, Informational calls etc.
no vad
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
LAN Dial-Peer Configuration
Inbound Dial-Peer for call legs from CUCM to CUBE
dial-peer voice 100 voip
description *** Inbound LAN side dial-peer ***
CUCM sending 9 (access code) + All
incoming called-number 9T
session protocol sipv2 digits dialed
voice-class sip bind control source gig0/0
voice-class sip bind media source gig0/0
Apply bind to all dial-peers when
codec g711ulaw CUBE has multiple interfaces. Gig0/0
dtmf-relay rtp-nte faces CUCM.
no vad
Outbound Dial-Peer for call legs from CUBE to CUCM
dial-peer voice 101 voip
description *** Outbound LAN side dial-peer *** SP will be sending 10 digits (NANP)
destination-pattern +1408944 . . . . $ based on your DID that is being
session protocol sipv2 delivered to CUCM
voice-class sip bind control source gig0/0
voice-class sip bind media source gig0/0
session target ipv4:10.10.1.20 ! CUCM IP Address
codec g711ulaw Default codec is G729 if none is
dtmf-relay rtp-nte specified
no vad
Note: If more than 1 CUCM cluster exists, you will have to create multiple such LAN dial-peers with “preference CLI” for CUCM redundancy/load balancing as the traditional way to accommodate multiple trunks
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
 SIP Normalization
SIP profiles is a mechanism to normalise or customise SIP at the
network border to provide interop between incompatible devices
SIP incompatibilities arise due to: Add user=phone for INVITEs
• A device rejecting an unknown header (value Incoming Outgoing
or parameter) instead of ignoring it CUBE
INVITE INVITE
sip:[email protected]:5060 sip:[email protected]:5060
• A device expecting an optional header SIP/2.0 user=phone SIP/2.0
value/parameter or can be implemented in
voice class sip-profiles 100
multiple ways request INVITE sip-header SIP-Req-URI modify "; SIP/2.0" ";user=phone SIP/2.0"
request REINVITE sip-header SIP-Req-URI modify "; SIP/2.0" ";user=phone SIP/2.0"
• A device sending a value/parameter that
must be changed or suppressed Modify a “sip:” URI to a “tel:” URI in INVITEs
(“normalised”) before it leaves/enters the
enterprise to comply with policies Incoming Outgoing
CUBE
INVITE INVITE
• Variations in the SIP standards of how to sip:[email protected]:5060 tel:2222000020
achieve certain functions SIP/2.0 SIP/2.0

voice class sip-profiles 100

• With CUBE 10.0.1 SIP Profiles request INVITE sip-header SIP-Req-URI modify "sip:(.*)@[^ ]+" "tel:\1"
request INVITE sip-header From modify "<sip:(.*)@.*>" "<tel:\1>"
can be applied to inbound SIP request INVITE sip-header To modify "<sip:(.*)@.*>" "<tel:\1>"

messages as well
More information at http://www.cisco.com/c/en/us/support/docs/unified-communications/unified-border-element/118825-technote-sip-00.html
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 30
SIP Profile Rule Tagging
SIP Profile Tagging Enhancement
New rule tagging mechanism is being introduced
1. Insertion :
 New rules can be inserted at any position i.e at the beginning, at the end or in between existing
rules by specifying rule tag number.

2. Deletion :
 Rules can be deleted by giving no form of the rule with just the tag number.

3. Modification :
 Any of the existing rules can be modified by specifying the rule tag number.

4. Duplication :
 When a rule with an existing tag number is applied again, the rule will be over-written, without
creating any duplicate rules.

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 32
SIP Profile Tagging – Configuration
• For tagging the rules, an additional option of “rule <tag>” has been provided
CUBE(config)#voice class sip-profiles 1
CUBE(config-class)#?
VOICECLASS configuration commands:
The new
exit Exit from voice class configuration mode keyword
help Description of the interactive help system “rule”
no Negate a command or set its defaults
request sip request
response sip response “tag” to be
rule Specify the rule provided with
rule keyword
CUBE(config-class)#rule ?
<1-1073741823> Specify the rule tag
before The rule to be inserted before

CUBE(config-class)#rule 1 ?
request sip request
response sip response
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 33
SIP Profile Tagging – Configuration Cont’d
• For inserting a rule between two rules, “before” option has been provided
CUBE(config)#voice class sip-profiles 1 For inserting a rule
CUBE(config-class)#rule before ? between two rules,
<1-1073741823> Specify the rule tag the new before
keyword is being
CUBE(config-class)#rule before 3 ? introduced
request sip request
response sip response

• If rule <tag> option is used to configure a SIP Profile rule, then this rule
can be deleted by specifying just the tag number instead of specifying
the entire rule configuration.
CUBE(config)#voice class sip-profiles 1
CUBE(config-class)#no rule before <tag>

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 34
Configuration Example
• For tagging the rules:

voice class sip-profiles 1

rule 1 request INVITE sip-header Contact Modify “(.*)” “\1;temp=xyz”
rule 2 request INVITE sip-header Supported Add “Supported: ”
• For inserting a rule between two rules using “before” option:

rule before 2 request INVITE sip-header To Modify “(.*)” “\1;temp=abc”

before
voice class sip-profiles 1
option
rule 1 request INVITE sip-header Contact Modify “(.*)” “\1;temp=xyz”
rule 2 request INVITE sip-header To Modify “(.*)” “\1;temp=abc”
rule 3 request INVITE sip-header Supported Add “Supported: ” The new rule has
been inserted
between #1 and
#3
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 35
SIP Profile Support for
Non-Standard Headers
 SIP Profile Support for Non-Standard Headers
 Introducing support for adding/copying/removing/modifying non-
standard SIP headers using SIP profiles
 A new 'WORD' option has been added to the SIP Profiles CLI chain
to allow the user to configure any non-standard SIP Header
CUBE(config)#voice class sip-profiles 1
CUBE(config-class)#request INVITE sip-header ?
Accept-Contact SIP header Accept-Contact The new “WORD”
……. option for specifying
Via SIP header Via unsupported headers
WORD Any other SIP header name
WWW-Authenticate SIP header WWW-Authenticate

CUBE(config-class)#request INVITE sip-header WORD ?

ADD addition of the header
COPY Copy a header
MODIFY Modification of a header
REMOVE Removal of a header
CUBE(config-class)#request INVITE sip-header WORD ADD “MyCustomHeader : Hussain Ali”
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Agenda
• CUBE Overview and SIP Trunk Sizing
• CUBE Architecture (Physical & Virtual)
• Transitioning to SIP Trunking using CUBE
• Advanced features on CUBE
• CUBE + SRST Colocation
• Futures & Key Takeaways

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 38
CUBE Dial-Peers
Call Routing
 Understanding Dial-Peer Matching Techniques:
LAN & WAN Dial-Peers
• LAN Dial-Peers – Dial-peers that are facing towards the IP PBX for sending
and receiving calls to & from the PBX. Should be bound to the LAN interface(s)
of CUBE to ensure SIP/RTP is sourced from the LAN IP(s) of the CUBE.
• WAN Dial-Peers – Dial-peers that are facing towards the SIP Trunk provider
for sending & receiving calls to & from the provider. Should be bound to WAN
interface(s) of CUBE.
Inbound LAN Dial-Peer Outbound Calls Outbound WAN Dial-Peer

A
CUCM SIP Trunk ITSP SIP Trunk
IP PSTN
CUBE

Inbound Calls
Outbound LAN Dial-Peer Inbound WAN Dial-Peer
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 40
Understanding Inbound Dial-Peer Matching Techniques
Priority
Inbound LAN Dial-Peer Outbound Calls

Exact Pattern
Match Based on URI match A CUCM SIP Trunk SP SIP Trunk
IP
1 of an incoming Host Name/IP CUBE PSTN
INVITE message Address
Inbound Calls
Inbound WAN Dial-Peer
User portion of
2 Match based on URI Received:
Called Number Phone-number of INVITE sip:[email protected] SIP/2.0
tel-uri Via: SIP/2.0/UDP 10.1.1.1:5060;x-route-
Match based on tag="cid:[email protected]";;branch=z9hG4bK-23955-1-0
3 From: "555" <sip:[email protected]:5060>;tag=1
Calling number To: ABC <sip:[email protected]:5060>
Call-ID: [email protected]
4 Default Dial-Peer = 0 CSeq: 1 INVITE
Contact: sip:[email protected]:5060
Supported: timer
Max-Forwards: 70
Subject: BRKUCC-2934 Session
Content-Type: application/sdp
Content-Length: 226
........

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 41
Understanding Inbound Dial-Peer Matching Techniques
Priority Inbound LAN Dial-Peer Outbound Calls
voice class uri 1001 sip
host ipv4:10.1.1.1 A CUCM SIP Trunk SP SIP Trunk IP
voice class uri 2001 sip PSTN
host ipv4:10.2.1.1 CUBE

A Inbound Calls
dial-peer voice 1 voip
incoming uri via 1001 Inbound WAN Dial-Peer
1 B Received:
dial-peer voice 2 voip
incoming uri request 2001 INVITE sip:[email protected] SIP/2.0
C dial-peer voice 3 voip Via: SIP/2.0/UDP 10.1.1.1:5060;x-route-
incoming uri to 2001 tag="cid:[email protected]";;branch=z9hG4bK-23955-1-0
From: "555" <sip:[email protected]:5060>;tag=1
D dial-peer voice 4 voip To: ABC <sip:[email protected]:5060>
incoming uri from 1001
Call-ID: [email protected]
CSeq: 1 INVITE
dial-peer voice 5 voip Contact: sip:[email protected]:5060
2 incoming called-number 654321 Supported: timer
Max-Forwards: 70
dial-peer voice 6 voip Subject: BRKUCC-2934 Session
3 answer-address 555 Content-Type: application/sdp
Content-Length: 226
4 dial-peer voice 7 voip
........
destination-pattern 555

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 42
Understanding Inbound Dial-Peer Matching Techniques
Priority Inbound LAN Dial-Peer Outbound Calls
voice class uri 1001 sip
host ipv4:10.1.1.1

voice class uri 2001 sip A CUCM SIP Trunk SP SIP Trunk IP
PSTN
host ipv4:10.2.1.1 CUBE
A dial-peer voice 1 voip Inbound Calls
incoming uri via 1001
Inbound WAN Dial-Peer
1 B dial-peer voice 2 voip
Received:
incoming uri request 2001
C INVITE sip:[email protected] SIP/2.0
dial-peer voice 3 voip Via: SIP/2.0/UDP 10.1.1.1:5060;x-route-
incoming uri to 2001 tag="cid:[email protected]";;branch=z9hG4bK-23955-1-0
D dial-peer voice 4 voip From: "555" <sip:[email protected]:5060>;tag=1
incoming uri from 1001 To: ABC <sip:[email protected]:5060>
Call-ID: [email protected]
CSeq: 1 INVITE
dial-peer voice 5 voip Contact: sip:[email protected]:5060
2 incoming called-number 654321
Supported: timer
Max-Forwards: 70
dial-peer voice 6 voip
3 answer-address 555
Subject: BRKUCC-2934 Session
Content-Type: application/sdp
Content-Length: 226
4 dial-peer voice 7 voip
destination-pattern 555
........

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 43
Understanding Inbound Dial-Peer Matching Techniques
Priority Inbound LAN Dial-Peer Outbound Calls
voice class uri 1001 sip
host ipv4:10.1.1.1
A CUCM SIP Trunk SP SIP Trunk IP
voice class uri 2001 sip
PSTN
host ipv4:10.2.1.1 CUBE
A dial-peer voice 1 voip Inbound Calls
incoming uri via 1001
Inbound WAN Dial-Peer
1 B dial-peer voice 2 voip
incoming uri request 2001 Received:
INVITE sip:[email protected] SIP/2.0
C dial-peer voice 3 voip Via: SIP/2.0/UDP 10.1.1.1:5060;x-route-
tag="cid:[email protected]";;branch=z9hG4bK-23955-1-0
incoming uri to 2001 From: "555" <sip:[email protected]:5060>;tag=1
D dial-peer voice 4 voip To: ABC <sip:[email protected]:5060>
incoming uri from 1001
Call-ID: [email protected]
CSeq: 1 INVITE
dial-peer voice 5 voip
2 incoming called-number 654321
Contact: sip:[email protected]:5060
Supported: timer
Max-Forwards: 70
dial-peer voice 6 voip
3 answer-address 555
Subject: BRKUCC-2934 Session
Content-Type: application/sdp
Content-Length: 226
4 dial-peer voice 7 voip
destination-pattern 555
........

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 44
Understanding Inbound Dial-Peer Matching Techniques
Priority Inbound LAN Dial-Peer Outbound Calls

voice class uri 1001 sip

A CUCM SIP Trunk SP SIP Trunk IP
host ipv4:10.1.1.1
PSTN
voice class uri 2001 sip CUBE
host ipv4:10.2.1.1 Inbound Calls
A
dial-peer voice 1 voip Inbound WAN Dial-Peer
incoming uri via 1001
1 B dial-peer voice 2 voip Received:
incoming uri request 2001 INVITE sip:[email protected] SIP/2.0
C dial-peer voice 3 voip Via: SIP/2.0/UDP 10.1.1.1:5060;x-route-
incoming uri to 2001 tag="cid:[email protected]";;branch=z9hG4bK-23955-1-0
From: "555" <sip:[email protected]:5060>;tag=1
D dial-peer voice 4 voip To: ABC <sip:[email protected]:5060>
incoming uri from 1001 Call-ID: [email protected]
CSeq: 1 INVITE
dial-peer voice 5 voip Contact: sip:[email protected]:5060
2 incoming called-number 654321 Supported: timer
Max-Forwards: 70
Subject: BRKUCC-2934 Session
3 dial-peer voice 6 voip
answer-address 555 Content-Type: application/sdp
Content-Length: 226
4 dial-peer voice 7 voip ........
destination-pattern 555

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 45
Understanding Inbound Dial-Peer Matching Techniques
Priority Inbound LAN Dial-Peer Outbound Calls
voice class uri 1001 sip
host ipv4:10.1.1.1 A CUCM SIP Trunk SP SIP Trunk IP
voice class uri 2001 sip PSTN
host ipv4:10.2.1.1 CUBE

A dial-peer voice 1 voip Inbound Calls

incoming uri via 1001 Inbound WAN Dial-Peer
1 B dial-peer voice 2 voip
incoming uri request 2001 Received:
dial-peer voice 3 voip INVITE sip:[email protected] SIP/2.0
C incoming uri to 2001 Via: SIP/2.0/UDP 10.1.1.1:5060;x-route-
dial-peer voice 4 voip tag="cid:[email protected]";;branch=z9hG4bK-23955-1-0
D incoming uri from 1001 From: "555" <sip:[email protected]:5060>;tag=1
To: ABC <sip:[email protected]:5060>
Call-ID: [email protected]
dial-peer voice 5 voip CSeq: 1 INVITE
2 incoming called-number 654321
Contact: sip:[email protected]:5060
Supported: timer
Max-Forwards: 70
3 dial-peer voice 6 voip
answer-address 555
Subject: BRKUCC-2934 Session
Content-Type: application/sdp
Content-Length: 226
4 dial-peer voice 7 voip ........
destination-pattern 555

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 46
Understanding Inbound Dial-Peer Matching Techniques
Priority Inbound LAN Dial-Peer Outbound Calls
voice class uri 1001 sip
host ipv4:10.1.1.1 A CUCM SIP Trunk SP SIP Trunk IP
voice class uri 2001 sip PSTN
host ipv4:10.2.1.1 CUBE
A dial-peer voice 1 voip Inbound Calls
incoming uri via 1001 Inbound WAN Dial-Peer
1 B dial-peer voice 2 voip
incoming uri request 2001 Received:
dial-peer voice 3 voip INVITE sip:[email protected] SIP/2.0
C incoming uri to 2001 Via: SIP/2.0/UDP 10.1.1.1:5060;x-route-
tag="cid:[email protected]";;branch=z9hG4bK-23955-1-0
dial-peer voice 4 voip
D incoming uri from 1001 From: "555" <sip:[email protected]:5060>;tag=1
To: ABC <sip:[email protected]:5060>
Call-ID: [email protected]
dial-peer voice 5 voip CSeq: 1 INVITE
2 incoming called-number 654321 Contact: sip:[email protected]:5060
Supported: timer
dial-peer voice 6 voip Max-Forwards: 70
3 answer-address 555 Subject: BRKUCC-2934 Session
Content-Type: application/sdp
Content-Length: 226
4 dial-peer voice 7 voip
........
destination-pattern 555

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 47
Understanding Inbound Dial-Peer Matching Techniques
Priority Inbound LAN Dial-Peer Outbound Calls
voice class uri 1001 sip
host ipv4:10.1.1.1 A CUCM SIP Trunk SP SIP Trunk IP
voice class uri 2001 sip CUBE
PSTN
host ipv4:10.2.1.1
A Inbound Calls
dial-peer voice 1 voip
incoming uri via 1001 Inbound WAN Dial-Peer
1 B dial-peer voice 2 voip
incoming uri request 2001 Received:
dial-peer voice 3 voip INVITE sip:[email protected] SIP/2.0
C incoming uri to 2001 Via: SIP/2.0/UDP 10.1.1.1:5060;x-route-
tag="cid:[email protected]";;branch=z9hG4bK-23955-1-0
dial-peer voice 4 voip
D incoming uri from 1001 From: "555" <sip:[email protected]:5060>;tag=1
To: ABC <sip:[email protected]:5060>
Call-ID: [email protected]
dial-peer voice 5 voip
2 incoming called-number 654321 CSeq: 1 INVITE
Contact: sip:[email protected]:5060
dial-peer voice 6 voip
Supported: timer
3 answer-address 555 Max-Forwards: 70
Subject: BRKUCC-2934 Session
Content-Type: application/sdp
4 dial-peer voice 7 voip Content-Length: 226
destination-pattern 555 ........

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 48
Outbound Dial-Peer Matching Criteria Summary
Priority Outbound WAN Dial-Peer
Outbound Calls
Match Based on DPG,
0 DPPP, COR/LPCOR if A CUCM SIP Trunk SP SIP Trunk
IP
configured CUBE PSTN
Exact Pattern Outbound LAN Inbound Calls
match Dial-Peer
Match Based on Host Name/IP Received:
URI of incoming Address INVITE sip:[email protected] SIP/2.0
1 Via: SIP/2.0/UDP 10.1.1.1:5060;x-route-
INVITE message User portion of URI tag="cid:[email protected]";;branch=z9hG4bK-23955-1-0
From: "555" <sip:[email protected]:5060>;tag=1
Phone-number of To: ABC <sip:[email protected]:5060>
tel-uri Call-ID: [email protected]
CSeq: 1 INVITE
Match based on Contact: sip:[email protected]:5060
2
Called Number Supported: timer
Max-Forwards: 70
Subject: BRKUCC-2934 Session
Content-Type: application/sdp
Content-Length: 226
........

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 49
 dial-peer voice 201 voip
description *Outbound WAN dial-peer. From CUBE to SP*
dial-peer voice 100 voip destination-pattern 91[2-9]..[2-9]......$
description *Inbound LAN dial-peer. From CUCM to CUBE* session protocol sipv2
session protocol sipv2 session target ipv4:66.77.37.2
incoming called-number 9T
session transport udp
voice-class sip bind control source-interface Gig0/0
voice-class sip bind media source-interface Gig0/0 voice-class sip bind control source-interface Gig0/1
dtmf-relay rtp-nte voice-class sip bind media source-interface Gig0/1
codec g711ulaw dtmf-relay rtp-nte
no vad codec g711ulaw
no vad
Inbound LAN Dial-Peer Outbound WAN Dial-Peer
Outbound Calls

A
CUCM SIP Trunk ITSP SIP Trunk
G0/0 - 10.10.1.21 CUBE G0/1 – 128.107.214.195
66.77.37.2
10.10.1.20

Outbound LAN Dial-Peer Inbound Calls Inbound WAN Dial-

dial-peer voice 200 voip Peer
dial-peer voice 101 voip description *Inbound WAN dial-peer. From Provider to CUBE*
description *Outbound LAN dial-peer. From CUBE to CUCM* session protocol sipv2
translation-profile outgoing CUBE_to_CUCM incoming uri via 200
destination-pattern +1408944....$ voice-class sip bind control source-interface Gig0/1
session protocol sipv2 voice-class sip bind media source-interface Gig0/1
session target ipv4:10.10.1.20 dtmf-relay rtp-nte
voice-class sip bind control source-interface Gig0/0 codec g711ulaw
voice-class sip bind media source-interface Gig0/0 no vad
dtmf-relay rtp-nte
codec g711ulaw voice class uri 200 sip
no vad © 2019 Cisco and/or its affiliates. All rights reserved.
host ipv4:66.77.37.2
Cisco Public
OPTIONS KeepAlive
CUBE SIP Trunk Monitoring with OOD Options
message • Out-of-dialog OPTIONS
A CUCM SIP Trunk ITSP SIP Trunk ITSP message sent to check the
status of the SIP Trunk on an
CUBE

Outbound LAN/WAN dial-peer

OOD Options

200 OK

Dial-Peer 201 = ACTIVE • The dial-peer is “busyout” if it

INVITE
INVITE does not receive a response
200 OK
200 OK
within a configurable time period
OOD Options or receives a 503 or 505
Timeout – no
response • For an INVITE that matches a
Dial-peer 201 = BUSYOUT “busyout” dial-peer, CUBE
INVITE OOD Options sends “503 Service Unavailable”
503 Service Unavailable
OOD Options • If there is a secondary dial-peer
configured, the call will be re-
routed the secondary path
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 52
CUBE SIP Trunk Monitoring with OOD Options
message dial-peer voice 100 voip
A CUCM SIP Trunk SP SIP Trunk SP voice-class sip options-
CUBE
SIP keepalive up-interval 20 down-
OOD Options interval 20 retry 3
200 OK
Three timers that can be configured:
INVITE
DP 100 =
ACTIVE • up-Interval: OPTIONS keepalive timer
INVITE
200 OK
interval for UP endpoint
• down-interval: OPTIONS keepalive
200 OK

OOD Options timer interval for DOWN endpoint

• retry: Retry count for OPTIONS
Timeout – no
response keepalive transmission
DP 100 = BUSYOUT
Warning:
INVITE OOD Options
• Each dial-peer that has options message
503 Service Unavailable
configured sends out a separate message.
OOD Options
• EEM Script can be used to busyout other
dial-peers
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 53
OOD OPTIONS Ping Keepalive Enhancement
• Each dial-peer that has OPTIONS message
A
CUCM SIP Trunk SP SIP Trunk
SP SIP
configured sends out a separate message, even if
CUBE the session targets are same
OOD Options (DP 201)
200 OK • Network bandwidth and process runtime are
DP 201 : Session Target IPv4:66.77.37.2 wasted in CUBE and remote targets to sustain
duplicate OOD OPTIONS Ping heartbeat keepalive
INVITE connection
INVITE (DP 100)
200 OK
200 OK
• Consolidate SIP OOD Options Ping connections
OOD Options (DP 211)
by grouping SIP dial-peers with same OOD
200 OK
Options Ping setup
DP 211: Session Target IPv4:66.77.37.2 • New CLI : “voice class sip-keepalive-
profile <tag>” is used to define OOD OPTIONS
OOD Options (DP 400) Ping setup
200 OK
• Consolidated SIP OOD Options Ping connection
DP 400: Session Target IPv4:1.1.1.1
will then be established with a target for multiple
SIP dial-peers with the same target and OOD
Options Ping profile setup
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 54
 OOD OPTIONS Ping Keepalive Enhancement –
Configuration
voice class sip-options-keepalive 1 Sample Show command output
description UDP Options consolidation CUBE#sh voice class sip-options-keepalive 1
down-interval 49 Voice class sip-options-keepalive: 1 AdminStat: Up
up-interval 180 Description: UDP Options consolidation
retry 7 Single OOD Option
Ping Group applied Transport: udp Sip Profiles: 0
transport udp
to multiple dial-peers Interval(seconds) Up: 180 Down: 49
with same session
dial-peer voice 201 voip Retry: 7
targets
destination-pattern 6666
session protocol sipv2 Peer Tag Server Group OOD SessID OOD Stat IfIndex
session target ipv4:10.104.45.253 -------- ------------ ---------- -------- -------
voice-class sip options-keepalive profile 1 201 4 Active 9
211 4 Active 10
dial-peer voice 211 voip
OOD SessID: 4 OOD Stat: Active
destination-pattern 5555
session protocol sipv2 Target: ipv4:10.104.45.253
session target ipv4:10.104.45.253 Transport: udp Sip Profiles: 0
voice-class sip options-keepalive profile 1

• With OOD Options Ping Keepalive group, an options ping keepalive connection is established on per remote target base as opposed an options ping
keepalive connection established per dial-peer basis. Up to 10,000 “voice class sip-options-keepalive <tag>” can be defined per system

• Either legacy “sip options-keepalive” or the new “sip options-keepalive profile <tag>” can be configured on a dial-peer. Dial-peers with Destination Server
Group instead of Session Target IP must use Options Keepalive Profile and not the legacy CLI.

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 55
Destination Server Group
• Supports multiple destinations (session targets) be defined in a group and
applied to a single outbound dial-peer
• Once an outbound dial-peer is selected to route an outgoing call, multiple
destinations within a server group will be sorted in either round robin or
preference [default] order
• This reduces the need to configure multiple dial-peers with the same
capabilities but different destinations. E.g. Multiple subscribers in a cluster
voice class server-group 1 dial-peer voice 100 voip
hunt-scheme {preference | round-robin} description Outbound DP
ipv4 1.1.1.1 preference 5 destination-pattern 1234
ipv4 2.2.2.2 session protocol sipv2
ipv4 3.3.3.3 port 3333 preference 3 codec g711ulaw
ipv6 2010:AB8:0:2::1 port 2323 preference 3 dtmf-relay rtp-nte
ipv6 2010:AB8:0:2::2 port 2222 session server-group 1

* DNS target not supported in server group

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 56
Multiple Incoming Patterns Under Same
Incoming/Outgoing Dial-peer
voice class e164-pattern-map 300
Provides the ability to combine
e164 919200200.
e164 510100100. multiple incoming called OR calling
Site A (919)200-2000
e164 408100100. numbers on a single inbound voip
dial-peer, reducing the total number
dial-peer voice 1 voip
Site B (510)100-1000
description Inbound DP via Calling of inbound voip dial-peers required
incoming calling e164-pattern-map 300 with the same routing capability
codec g729r8
Site C (408)100-1000
Up to 5000 entries in a text file

G729 Sites A SIP Trunk SP SIP Trunk

IP PSTN
CUBE

Site A voice class e164-pattern-map 400 ! This is an example of the contents

(919)200-2010
url flash:e164-pattern-map.cfg of E164 patterns text file stored
in flash:e164-pattern-map.cfg
Site B (510)100-1010dial-peer voice 2 voip
description Outbound DP via Called 9192002010
Site C (408)100-1010
destination e164-pattern-map 400 5101001010
codec g711ulaw 4081001010
G711 Sites
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 57
Destination Dial-Peer Group
• Allows grouping of outbound dial-peers based on an incoming dial-peer, reducing
existing outbound dial-peer provisioning requirements
• Eliminates the need to configure extra outbound dial-peers that are sometimes
needed as workarounds to achieve desired call routing outcome
• Multiple outbound dial-peers are saved under a new “voice class dpg <tag>”. The
new “destination dpg <tag>” command line of an inbound voip dial-peer can be
used to reference the new dpg (dial-peer group)
• Once an incoming voip call is handled by an inbound voip dial-peer with an active
dpg, dial-peers of a dpg will then be used as outbound dial-peers for an incoming
call
• The order of outgoing call setups will be the sorted list of dial-peers from a dpg, i.e,
the destination-patterns of the outgoing dial-peers is not relevant for selection

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 58
 Destination Dial-peer Group Configuration
voice class dpg 10000 dial-peer voice 1001 voip
description Voice Class DPG for SJ destination-pattern 2222
dial-peer 1001 preference 1 session protocol sipv2
dial-peer 1002 preference 2 session target ipv4:10.1.1.1
dial-peer 1003 !
! dial-peer voice 1002 voip
dial-peer voice 100 voip destination-pattern 3333
description Inbound DP session protocol sipv2
incoming called-number 1341 session target ipv4:10.1.1.2
destination dpg 10000 !
dial-peer voice 1003 voip
destination-pattern 4444
session protocol sipv2
session target ipv4:10.1.1.3
1. Incoming Dial-peer is first
matched 2. Now the DPG associated with
the INBOUND DP is selected
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 59
Media Manipulation
 Understanding the difference between MTPs and
Transcoders • Only a CUCM requirement as a placeholder, not needed
by IOS/IOS-XE devices. Always invoked by CUCM
HEADER MTP
RTP packet

• Most commonly used for DTMF interworking, IPv4-IPv6

TRANSCODER (universal, regular)
PAYLOAD • Always requires DSPs hosted in an ISR/ASR
• Can be invoked by CUCM (SCCP) or CUBE (LTI –
DSPs must be in the same box as CUBE)
H/W Uses
Only G711
IOS/IOS- based DSPs
XE based
S/W CPU Exception is Codec
based Any Codec Passthru, e.g T38
MTPs cycles

CUCM CPU Exception : Can

G711 or
convert from alaw to
based Cycles G729 (v9+) ulaw, vice versa
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 61
 Audio Transcoding and Transrating
iLBC, iSAC,
Speex Enterprise IP Phones:
SP VoIP VoIP G.711, G.729 20 ms,
CUBE G.722
G.729 30 ms

• Transcoding (12.4.20T) • Transcoding: G.711, G.723.1, G.726, G.728,

G.729/a, iLBC, G.722
• One voice codec to any other codec E.g. iLBC-G.711 or iLBC- • Transrating: G.729 20ms ↔ 30ms (AT&T)
G.729
• CUCM 7.1.5 or later supports universal Transcoding Packetization
Supported Codecs
(ms)
• Transrating (15.0.1M) G.711 a-law 64 Kbps 10, 20, 30
• Different packetizations of the same codec
G.711 µlaw 64 Kbps 10, 20, 30
• E.g. G.729 20ms to G.729 30ms
• Support for SIP-SIP calls G.723 5.3/6.3 Kbps 30, 60
• No sRTP support with transrating
G.729, G.729A, G.729B, 10, 20, 30, 40, 50,
dial-peer voice 2 voip !Call volume (gain/loss) adjustment G.729AB 8 Kbps 60
codec g729r8 bytes 30 fixed-bytes dial-peer voice 2 voip
audio incoming level-adjustment x G.722—64 Kbps 10, 20, 30
audio outgoing level-adjustment y

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 62
Configuration for SCCP based Transcoding
(ISR-G2/4K)
1. Enabling dspfarm services 3. SCCP configuration
under voice-card
sccp local GigabitEthernet0/0
voice-card 1 sccp ccm <CUBE_internal_IP> identifier 1 version 7+
dspfarm ! Only ISR G2
dsp services dspfarm sccp
sccp ccm group 1
2. telephony-service configuration associate ccm 1 priority 1
telephony-service associate profile 1 register CUBE-XCODE
sdspfarm units 1
sdspfarm transcode sessions 128 4. dspfarm profile configuration
sdspfarm tag 1 CUBE-XCODE
max-ephones 10 dspfarm profile 1 transcode
max-dn 10 codec g711ulaw
ip source-address codec g711alaw
<CUBE_internal_IP> port 2000 codec g729r8
maximum sessions 10
associate application SCCP
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 63
Configuration for LTI based Transcoding
(ISR-G2/4K & ASR)
1. Enabling dspfarm services
under voice-card
voice-card 0/1 Feature Notes:
dspfarm ! Only ISR G2 • This uses Local Transcoding Interface to
dsp services dspfarm
communicate between CUBE and DSPs
2. dspfarm profile configuration • Also available on ISR-G2 starting IOS 15.2.3T
• Can only be used if CUBE invokes the DSP
dspfarm profile 1 transcode for media services
codec g711ulaw
codec g711alaw • CUCM cannot invoke DSPs using this LTI
codec g729abr8 interface
codec g729ar8 • Supported with CUBE HA
codec ilbc
maximum sessions 100
associate application CUBE

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 64
Serviceability
Debugging Made Easier
Categorize Debugs based on Functionality
 Categorization based on
Functionality Router# debug ccsip feature < audio | cac |
1. Audio/video/sdp/control config | control | dtmf | fax | line | misc |
2. Configuration /sip-transport misc-features | parse | registration | sdp-
3. CAC negotiation | sdp-passthrough | sip-profiles |
4. DTMF/FAX/Line-side sip-transport | srtp | supplementary-services
5. Registration | transcoder | video >
6. Sdp - passthrough
7. Sip-profile/SRTP/transcoder
Example: enabling DTMF and audio debugs only with default log level is considered.
DTMF(32) debug code
CUBE#sh debugging
CCSIP SPI: SIP info debug tracing is enabled (filter is OFF)
CCSIP SPI: audio debugging for ccsip info is enabled (active) Audio(2) debug code
CCSIP SPI: dtmf debugging for ccsip info is enabled (active)

May 21 17:54:53.377: //444/5FE632EB8479/SIP/Info/verbose/32/sipSPI_ipip_store_channel_info: dtmf negotiation

done, storing negotiated dtmf = 0,
May 21 17:54:53.377: //444/5FE632EB8479/SIP/Info/info/2/sipSPIUpdateCallEntry:
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 66
 Debugging Made Easier
Categorize Debugs based on Functionality|-----------------------------------------------
| show cube debug category codes values.
CUBE# show cube debug category codes |-----------------------------------------------
| Indx | Debug Name | Value
|-----------------------------------------------
| 01 | SDP Debugs | 1
 This CLI is used to collect the | 02 | Audio Debugs | 2
predefined debug features | 03 | Video Debugs | 4
| 04 | Fax Debugs | 8
category codes , which helps in | 05 | SRTP Debugs | 16
analysis of debugs manually. | 06 | DTMF Debugs | 32
| 07 | SIP Profiles Debugs | 64
| 08 | SDP Passthrough Deb | 128
| 09 | Transcoder Debugs | 256
| 10 | SIP Transport Debugs | 512
| 11 | Parse Debugs | 1024
| 12 | Config Debugs | 2048
| 13 | Control Debugs | 4096
| 14 | Mischellaneous Debugs| 8192
| 15 | Supp Service Debugs | 16384
| 16 | Misc Features Debugs| 32768
| 17 | SIP Line-side Debugs | 65536
| 18 | CAC Debugs | 131072
| 19 | Registration Debugs | 262144
|-----------------------------------------------

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 67
Avoiding Non-Call-Context Debug Logs
• Many times SIP debugs contain unrelated debugs that are not useful
in debugging issues related to call failures
• Starting CUBE 10.0.1, non-call-context debugs will not be printed
when debug ccsip is issued
• This applies to messages originating from CUBE. Non-call context
INBOUND messages towards CUBE will still be printed when debug
ccsip is issued.
• If a message is not part of any call, that debug will not be printed
• Affected messages: OPTIONS, REGISTER, SUBSCRIBE/NOTIFY
• To see the above OUTBOUND messages in debugs, issue the
following command
debug ccsip non-call
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 68
 Total Number of Active Concurrent Calls
Total Number of Active Calls
Router# show call active total-calls
 A single call can have multiple call-
Total Number of Active Calls : 10
legs. To determine the total
number of active calls from call- Connected
legs is challenging Call Flow Call-legs
call
 CLI added to display the value of Basic call (audio/video) 2 1
current number of active
(connected) calls on CUBE Transferred call (Refer 3 2
handling)
 The table defines the relation
between call-legs and number of Transcoded call (SCCP) 4 1
active calls Calls after rotary/hunt 2+x 1
Forwarded calls (CUBE 3 1
handling)
Forked call (media forking) 3 2
Forked call (signaling forking) 2 1

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 69
External/PSTN Call
Recording
External/PSTN Call Recording Options
• CUBE Controlled (Dial-peer based SIPREC)
• Based on SIPREC (RFC 6341, 7245, Metadata-draft-17, Protocol-draft-15), CUBE
sends metadata in XML format
• Dial-peer controlled, IP-PBX independent
• Source of recorded media (RTP only) is always CUBE (External calls only). For
SRTP-RTP calls, apply media forking CLI on the RTP leg only.
• Records both audio and video calls and supported with CUBE HA (Inbox or box-2-
box)
• CUCM NBR (Network Based Recording)
• CUCM Controlled, requires CUCM 10+ and UC Services API be enabled on CUBE
• Recording triggered by CUCM and this mode records only Audio calls
• Source of Recorded Media can be CUBE or Endpoint (BiB), CUBE as source
desired for PSTN calls
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 71
 CUBE Controlled Recording Option - SIPREC
Dial-peer based – SIPREC Standard
• SIP is used as a protocol between CUBE and the recording server, where CUBE acts as the recording
client and any third party recorder acts as the recording server
• Along with SDP, metadata information is passed by CUBE to the recording server in XML format

SIPREC Compliant Recorder Recorder • Metadata includes the

communication session details of
audio or video calls and also
identifies the participants of the call
XML Metadata
A SIP SIP
SP SIP
CUBE
RTP RTP

media class 9 dial-peer voice 950 voip

• SIP Profiles can recorder parameter siprec description dial-peer pointing to MediaSense

additionally be used to media-recording 950 destination-pattern 9999 ! Dummy

Needs to
session protocol sipv2
forward 3rd party IP PBX dial-peer voice 901 voip match
session transport tcp
Call Identifier to the description dial-peer that needs to be forked session target ipv4:<Recorder_IP>
Recorder for Correlation session protocol sipv2 ! Bind on this DP mandatory
media-class 9
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Sample SIPREC XML Metadata Generated

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 73
 CUCM (10.X or later) Controlled Recording
UC Services API – Network Based
3. Recording

1. Enable HTTP on IOS

Gateway/CUBE Recording ip http server
Enabled http client persistent

2. Enable the API on IOS

4. uc wsapi
1. 2. source-address [IP_Address_of_CUBE]

3. Enable XMF service within the API

5. provider xmf
remote-url 1 http://CUCM:8090/ucm_xmf
no shutdown

[1] – [3]: An external call is answered by user with IP phone

[4] – [5]: CUCM sends forking request over HTTP to CUBE, which
sends two media streams towards the Recording Server
• Recording not preserved on failover in CUBE HA
• Selective Recording, Mobile/SNR/MVA Calls
• Recording Call Preservation

Now Supports Inbound CVP (Survivability.tcl) Call Recording

[IOS 15.6(1)T, IOS-XE 3.17] BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 74
Introducing
CUBE Media Proxy
Existing Recording Architectures
• Current recording architectures allow only one fork from each leg (in-
leg/out-leg) to only one recorder
• No support for forking secure RTP stream
• MiFiD II Compliance requirements:
• Support for more than one recorders
• High Availability (Redundancy)
• Secure forking
• Call scenarios support
• External calls (inbound/outbound from/to ITSP, PSTN calls)
• Internal calls (on-prem calls)
• Contact center
• Common Metadata

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 76
CUBE Media Proxy: Overview
• Media proxy is based on CUBE architecture
• Supports the same ISR 4Ks, ASR1Ks, CSR1K on which CUBE is supported
today
• Call Recording mechanism (triggers) is CUCM NBR based (GW based and
Phone BiB)
• Media proxy solution provides multiple forking function, required for recorder
redundancy and advanced media processing needs
• Media proxy is designed to fork media to multiple recorders i.e. multiple forked
legs, and supports up to 5 recorders
• CUBE Media Proxy High Availability is also supported
• CUSP supports Media proxy with recorder redundancy and load balancing
• Secured forking (SRTP – SRTP)
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 77
 CUCM NBR GW forking to Media Proxy
CUBE Media Proxy Prerequisites:
• IOS-XE: 16.10.1a or later
• Unified Communication Manager: 12.5+ Recorder1
• Validated with Verint recording solution

RTP

Recorder2
Media Proxy
RTP

CUCM NBR – GW
based recording Speech Analytics

SIP SIP
SP SIP
CUBE RTP

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 78
 Phone BiB forking to CUBE Media Proxy
CUBE Media Proxy Prerequisites:
• IOS-XE: 16.10.1a or later
• Unified Communication Manager: 12.5+ Recorder1
• Validated with Verint recording solution

RTP

Media Proxy Recorder2

Phone BiB
Recorder3

SIP
SP SIP
SIP CUBE
RTP

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 79
CUBE Media Proxy: Design requirements
• Video call Recording is not supported today
• Secure media (SRTP) forking of non-secure calls is not supported
• CUBE Media Proxy and CUBE cannot be co-located

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 80
Multiple Non-
Authenticated SIP
Trunks on a CUBE
 Non-Authenticated SIP Trunking to more than
one Service Provider
SIP SP-1 Large enterprises are deploying more
(10.10.10.2)
than one SIP Trunk provider for:
A
Active • Alternate call routing
CUBE SIP SP-2
(20.20.20.2)
• Load balancing
Enterprise
Campus
MPLS
interface loopback1 dial-peer voice 20 voip
SIP SP-1’s ip address 10.10.10.1 255.255.255.0 description “Secondary path to SIP SP-2”
network destination-pattern 91[2-9]..[2-9]......
interface loopback2 session protocol sipv2
SIP SP-2’s
SRSTip address 20.20.20.1 255.255.255.0 session target ipv4:20.20.20.2
network preference 2
dial-peer voice 10 voip voice-class sip options-keepalive
description “Primary path to SIP SP-1” voice-class sip bind control source-interface loopback2
CME
destination-pattern 91[2-9]..[2-9]...... voice-class sip bind media source-interface loopback2
session protocol sipv2
session target ipv4:10.10.10.2 TDM PBX NOTE: Dual SPs can be used for outbound calls, but to
Enterprisesip options-keepalive
voice-class be utilised for inbound calls, arrangements between
Branch Offices
voice-class sip bind control source-interface loopback1 SPs required
voice-class sip bind media source-interface loopback1 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Multiple Authenticated /
Registered SIP Trunks on
a CUBE
Multiple Instances of SIP-UA on a CUBE
Existing Implementation, prior to IOS 15.6(2)T and IOS-XE 16.3.1
• CUBE Configuration generally consists of
• Global – Everything under voice service voip
• Call Routing – Dial-peers (Any configuration under dial-peers always overrides Global config)
• SIP User Agent Config – Everything under sip-ua, applicable globally on the platform

• No provision to configure specific bind/credentials/outbound proxy

for different registrar
• No provision to configure specific configs (e.g. timers, retry) for
different tenants
• Unable to handle authentication challenge for more than one trunk
that have the same SIP realm
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 84
Introducing Tenants on CUBE

• Every Registrar/User Agent/ITSP connected to CUBE can be

considered a Tenant to CUBE
• Allows specific global configurations (CLI under sip-ua) for multiple
tenants such as specific SIP Bind for REGISTER messages
• Allows differentiated services for different tenants
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 85
 “Voice class Tenant” Overview
• Most configs under “sip-ua” and “voice service voip” added in “voice class tenant <tag>”,
e.g. Registrar and Credentials CLI under tenant using different bind and outbound proxy
Prior to Multi Tenancy
sip-ua
registrar 1 ipv4:60.60.60.60:9051 expires 3600 Global OB Proxy and Bind
registrar 2 ipv4:70.70.70.70:9052 expires 3600
credentials username aaaa password 7 06070E204D realm aaaa.com
credentials username bbbb password 7 110B1B0715 realm bbbb.com E164 - aaaa Registrar - 1
voice service voip
outbound-proxy ipv4:10.64.86.35:9057
bind control source-interface GigabitEthernet0/1 E164 - bbbb Registrar - 2

With Voice Class Tenant (Multi-Tenancy)

voice class tenant 1
registrar 1 ipv4:60.60.60.60:9051 expires 3600 OB Proxy 1 & Bind-1
credentials username aaaa password 7 06070E204D realm aaaa.com E164 - aaaa Registrar - 1
outbound-proxy ipv4:10.64.86.35:9057
bind control source-interface GigabitEthernet0/0
voice class tenant 2
registrar 1 ipv4:70.70.70.70:9052 expires 3600
OB Proxy 2 & Bind-2
credentials username bbbb password 7 110B1B0715 realm bbbb.com E164 - bbbb Registrar - 1
outbound-proxy ipv4:10.64.86.40:9040
bind control source-interface GigabitEthernet0/1
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 86
 Configuring Voice Class Tenant
• Configure voice class tenant
voice class tenant 1 Add new voice class
registrar 1 ipv4:10.64.86.35:9052 expires 3600 tenant
credentials username aaaa password 7 06070E204D realm aaaa.com
credentials number bbbb username bbbb password 7 110B1B0715 realm bbbb.com
bind control source-interface GigabitEthernet0/0
bind media source-interface GigabitEthernet0/0
copy-list 1
outbound-proxy ipv4:10.64.86.35:9055
early-offer forced

• Apply tenant to the desired dial-peer

dial-peer voice 1 voip
destination-pattern 111
session protocol sipv2
session target ipv4:10.64.86.35:9051
session transport udp Apply Tenant to a
voice-class sip tenant 1 Dial-peer
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 87
Security Updates
Secure SIP Trunks with CUBE
LAN WAN
Gig0/0/0 Gig0/0/1
SIP TLS TCP/UDP SP IP
RTP Network
SRTP CUBE

• Interworking between all three transport types is supported : UDP/TCP/TLS

• IOS-XE based platforms do not require DSPs for SRTP-RTP interworking
• TLS Exclusivity can be configured with “transport tcp tls v1.2”
• NGE Crypto supported for SRTP-SRTP (IOS-XE 16.5.2), SRTP-RTP, SRTP
pass-thru
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 89
High Availability
Updates
CUBE HA Design Considerations on ASR1K/ISR-4K/vCUBE for Box-
to-Box Redundancy

• Uses Redundancy Group (RG) Infrastructure Protocol

• GE0/0/0 and GE0/0/1 are referred to as traffic (SIP/RTP) interfaces and GE0/0/2 is
RG (Redundancy Group) Control/data interface
• A max of 2 CUBE HA pairs can be deployed in a single layer 2 domain (RG
Control/Data interface)
• All signaling/media is sourced from/to the Virtual IP Address

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 91
CUBE HA Design Considerations on ASR1K/ISR-4K/vCUBE for Box-
to-Box Redundancy

• Anytime a platform is reloaded in a CUBE-HA relationship, it always boots up as Standby

• Lower address for all the interfaces (GE0/0/0, GE0/0/1, and GE0/0/2) should be on the
same platform
• Redundancy Interface Identifier, rii (HSRP Group number) should be unique to a
pair/interface combination on the same L2
• Multiple traffic (SIP/RTP) interfaces (GE0/0/1, GE0/0/1) require interface tracking to be
configured
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 92
CUBE HA Design Considerations on ASR1K/ISR-4K/vCUBE for Box-
to-Box Redundancy

• Configuration on both the CUBEs must be identical including physical configuration and
must be running on the same type of platform and IOS-XE version. Loopback
interfaces cannot be used as bind as they are always up. Sub-interfaces are supported
• Starting IOS-XE 16.3.1, Port channel is supported for both RG Control/data and traffic
interfaces
• No media-flow around or UC Services API (CUCM NBR) support for CUBE HA
• CUBE-HA preserves both signaling and media and is not supported over a crossover
cable connection for the RG-control/data link (GE0/0/2)
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 93
 CUBE HA Design Considerations on ASR1K/ISR-4K/vCUBE for Box-
to-Box Redundancy

• Both platforms must be connected via a physical Switch across all likewise interfaces for
CUBE HA to work, i.e. GE0/0/0 of CUBE-1 and CUBE-2 must terminate on the same
switch and so on. Multiple interfaces/sub-interfaces can be used on either LAN or WAN
side
• Cannot have WAN terminated on CUBEs directly or Data HA on either side. Both
Active/Standby must be in the same Data Center
• When configuration is applied and saved, the platform must go through a reload cycle
• Running configuration should always be saved to avoid losing it due to the reload by design
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 94
CUBE HA Design Considerations on ASR1K/ISR-4K/vCUBE for Box-
to-Box Redundancy

• LTI based transcoding called flows are preserved starting IOS-XE 3.15. Requires same
DSP module capacity on both active and standby in the same slot/subslot. CPA calls
(prior to being transferred to the agent), SCCP based media resources, Noise
Reduction, ASP, transrating calls are not checkpointed
• Upon failover, the previously ACTIVE CUBE goes through a reload by design, preserving
signaling/media
• It is mandatory to use separate L3 interface for redundancy (RG Control/data, GE0/0/2).
i.e interface used for traffic cannot be used for HA keepalives and checkpointing
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 95
CUBE Configuration on ASR/ISR-4K/vCUBE Box-to-Box Redundancy

CUBE 1 CUBE 2
Disables software redundancy redundancy
redundancy
For ASR1006: mode rpr mode none
mode none
application redundancy application redundancy
group 1 group 1
name voice-b2bha Configure RG name voice-b2bha
priority 100 failover threshold 75 Group for use priority 100 failover threshold 75
control GigabitEthernet 0/0/2 protocol 1 control GigabitEthernet 0/0/2 protocol 1
with CUBE HA
data GigabitEthernet 0/0/2 data GigabitEthernet 0/0/2
timers delay 30 reload 60 timers delay 30 reload 60

voice service voip Turn on CUBE voice service voip

mode border-element Redundancy mode border-element
allow-connections sip to sip allow-connections sip to sip
redundancy-group 1 redundancy-group 1

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 96
CUBE Configuration on ASR1K/ISR-4K/vCUBE Box-
to-Box Redundancy

CUBE 1 CUBE 2
track 1 interface GigabitEthernet 0/0/0 track 1 interface GigabitEthernet 0/0/0
line-protocol line-protocol
track 2 interface GigabitEthernet 0/0/1 track 2 interface GigabitEthernet 0/0/1
line-protocol Track interfaces line-protocol
to trigger
redundancy switchover redundancy
application redundancy application redundancy
group 1 group 1
track 1 shutdown track 1 shutdown
track 2 shutdown track 2 shutdown

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 97
 CUBE Configuration on ASR1K/ISR-4K/vCUBE Box-to-Box
Redundancy

CUBE 1 CUBE 2
interface GigabitEthernet0/0/0 Inside interfaces : interface GigabitEthernet0/0/0
description “Enterprise LAN” description “Enterprise LAN”
Redundancy Interface ip vrf forwarding LAN-VRF
ip vrf forwarding LAN-VRF
Identifier 1 ip address 10.10.1.2 255.255.255.0
ip address 10.10.1.1 255.255.255.0
redundancy rii 1 VRF ID : LAN-VRF (if redundancy rii 1
redundancy group 1 ip 10.10.1.3 exclusive applicable) redundancy group 1 ip 10.10.1.3 exclusive

interface GigabitEthernet0/0/1 interface GigabitEthernet0/0/1

Outside interfaces: description “Enterprise WAN”
description “Enterprise WAN”
ip vrf forwarding WAN-VRF Redundancy Interface ip vrf forwarding WAN-VRF
ip address 20.20.1.1 255.255.255.0 Identifier 2 ip address 20.20.1.2 255.255.255.0
redundancy rii 2 VRF ID : WAN-VRF (if redundancy rii 2
redundancy group 1 ip 20.20.1.3 exclusive applicable) redundancy group 1 ip 20.20.1.3 exclusive

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 98
 CUBE Configuration on ASR1K/ISR-4K/vCUBE
Box-to-Box Redundancy

CUBE 1 CUBE 2

interface GigabitEthernet 0/0/2 RG Control/Data interface : interface GigabitEthernet 0/0/2

ip address 3.3.1.1 255.255.255.0 CANNOT HAVE VRFs associated ip address 30.3.1.2 255.255.255.0

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 99
CUBE Configuration on ASR1K/ISR-4K/vCUBE
Box-to-Box Redundancy
Configuration on Active and Standby
dial-peer voice 100 voip
description to-SIP-SP Bind traffic destined to the outside (SP SIP
destination-pattern 9T trunk) to the outside Physical interface to
session protocol sipv2 make sure it uses the virtual IP address as
session target ipv4:y.y.y.y the source-IP for all calls
voice-class sip bind control source-interface GigabitEthernet0/0/1
voice-class sip bind media source-interface GigabitEthernet0/0/1
!
dial-peer voice 200 voip Bind traffic destined to the inside (CUCM or
description to-CUCM IP-PBX) to the inside Physical interface
destination-pattern 555….
session protocol sipv2
session target ipv4:10.10.1.10
voice-class sip bind control source-interface GigabitEthernet0/0/0
voice-class sip bind media source-interface GigabitEthernet0/0/0
!
ip rtcp report interval 3000
! Configure media inactivity feature to
gateway clean up any calls that may not
media-inactivity-criteria all disconnect after a failover
timer receive-rtcp 5
timer receive-rtp 86400

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 100
 Additional Supported options for CUBE HA
CUBE-1

PortChannel2
Gig0/0/0
Gig0/0/2.200
Gig0/0/2.100 – ITSP 1
Gig0/0/1
CUBE
Gig0/0/3 Gig0/0/4 ITSP 1
PortChannel34

redundancy

redundancy

redundancy
vPC
WAN

rii 1

rii 2

rii 3
Switch D Switch E Switch A Switch B Switch C Edge
vPC
PortChannel34
CUCM ITSP 2
Gig0/0/3 Gig0/0/4
Gig0/0/1
PortChannel2

Gig0/0/2.100
Gig0/0/2.200 – ITSP 2
Gig0/0/0 CUBE
CUBE-2
• The RG control data interfaces can be a sub interface that is part of the same port channel used for voice traffic. This will go to switch D and E
thereby eliminating the need for additional switches for RG control/data. This is provided there is sufficient bandwidth for voice + RG
data/control on the port channel (for example when using 10G)
• Multiple ITSPs or multiple trunks from the same ITSP can be terminated on the same CUBE ENT HA (ISR G2, ISR 4K, ASR 1K, vCUBE) pair
• Port Channel(s) can be used on the WAN/ITSP side as well as shown for the BRKCOL-2125 © 2019
LAN side in the above Cisco and/orwith
diagram its affiliates.
L2 All rights
and CEreserved.
router 101
Ciscoredundancy
Public
 Additional Supported options for CUBE HA
CUBE-1

CUBE
TenGig0/0/3 TenGig0/0/4
PortChannel34.30
vPC
redundancy redundancy
Switch A Switch B
rii 1 rii 2 Switch C
WAN Edge
PortChannel34.30
CUCM TenGig0/0/3 TenGig0/0/4

CUBE
CUBE-2
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 102
Agenda
• CUBE Overview and SIP Trunk Sizing
• CUBE Architecture (Physical & Virtual)
• Transitioning to SIP Trunking using CUBE
• Advanced features on CUBE
• CUBE + SRST Colocation
• Futures & Key Takeaways

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 103
CUBE + SRST
Colocation
 Cisco Unified Border Element – Router Integration
An Integrated Network Infrastructure Service

CUBE and SRST Cisco Unified Border Element TDM Gateway

 Address Hiding
Prior to SRST 12.1 PSTN Backup
 H.323 and SIP interworking
SCCP SRST on  DTMF interworking
ISR G2 w/CUBE  SIP security
 Transcoding
Voice Policy
is supported CUBE
Note: An SBC appliance would
have only these features
SIP SRST on ISR
G2 w/CUBE is
not supported WAN & LAN IP Routing &
Physical MPLS
Any SRST on ISR Interfaces
4K with CUBE Unified CM
SRST
co-located was Conferencing and
FW, IPS, Transcoding
not supported VXML
QoS
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 105
Branch CUBE Deployment with SRST Provisioned
Branch with Unified SRST Provisioned
on the same platform as CUBE
Unified CM LAN Dial-Peers WAN Dial-Peers

CUBE
Gig0/0
PSTN
Enterprise Gig0/1

Data IP WAN
Center RTP
SIP - Trunkside
SIP - Lineside
SIP Endpoints
Enterprise LAN ITSP WAN (SIP Provider)
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 106
Branch losing connectivity to Unified CM across
the Enterprise WAN
Branch with no WAN connectivity

Unified CM LAN Dial-Peers WAN Dial-Peers

CUBE
Gig0/0
PSTN
Enterprise Gig0/1

Data IP WAN
Center RTP
SIP - Trunkside
SIP - Lineside

Enterprise LAN ITSP WAN (SIP Provider)

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 107
Branch Operating in SRST mode with CUBE SIP
Trunk for PSTN calling
Branch in SRST mode
Unified CM LAN Dial-Peers (Busied WAN Dial-Peers (Unchanged)
Out)
SRST
Gig0/0
PSTN
Enterprise Gig0/1

Data IP WAN Voice Register

Center Pool / DNs
RTP
SIP - Trunkside
SIP - Lineside

Enterprise LAN ITSP WAN (SIP Provider)

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 108
 How Call Control works on an ISR platform
HUSALI-SRST#show dial-peer voice summary
dial-peer hunt 0
AD PRE PASS OUT
TAG TYPE MIN OPER PREFIX DEST-PATTERN FER THRU SESS-TARGET STAT PORT
911 voip up up 911$ 0 syst ipv4:5.5.5.5
20001 pots up up 2222$ 0 50/0/1
40001 voip up up 4444$ 0 syst ipv4:10.1.1.1
• SCCP CME/SRST creates virtual voice port (EFXS) for a registered SCCP
Phone for receiving and sending calls
• Each ephone-dn creates a virtual pots dial-peer beginning with 20XXX TAG

• SIP CME/SRST creates virtual voip dial-peers (voice register dn <tag>)

beginning with 40XXX TAG

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 109
CUBE – SRST Co-Location
• Co-location of Unified SIP SRST and Unified Border Element is supported
only on ISR4000 series platforms.

• Validated for all Cisco SIP IP Phones including 69XX, 78/7900, 8800 and
9900 Series. Not validated for SCCP endpoints. Non-Secure Jabber also
supported.

• Not supported with E-SRST and Secure-SRST.

• During WAN outage, phones registered to Unified SIP SRST can place or
receive PSTN calls through CUBE’s ITSP SIP trunk.

• Dynamic dial-peers are created for phones falling back to Unified SRST;
voice class tenant configuration is leveraged to segregate trunk-side and
line-side features than global config (voice service voip, sip-ua)
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 110
CUBE – SRST Co-Location Configuration
Recommendations
• Move ITSP SIP trunk specific voice service voip and sip-ua
configurations under voice class tenant and apply that tenant to
WAN Dial-peers.
• This avoids configuration conflict between ITSP specific SIP trunking
requirements and Enterprise LAN side dial-peers. When a tenant is
configured and applied under a dial-peer, the IOS-XE configurations
are applied in the following order of preference:

• Dial-peer configuration
• Tenant configuration
• Global configuration (voice service voip / sip-ua)

• Do not configure “incoming called-number .T” on an inbound LAN dial-peer

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 111
CUBE – SRST Co-Location Configuration
Recommendations
• The virtual dial-peers (40XXX TAG) created after the phones (registered to
Unified Communications Manager) fall back on Unified SRST are dynamic
dial-peers. Configurations under voice service voip and sip-ua are inherited
by these dynamic dial-peers

• Dial-peer groups feature should only be used on an Inbound LAN Dial-peer.

Do not configure dial-peer groups on the Inbound WAN dial-peers

• Configure SIP Options Request Keepalives to monitor reachability towards

Unified Communications Manager on Outbound LAN Dial-peers

• If dial-peers are using voice class codec, configure the same voice class
codec under voice register pool

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 112
CUBE – SRST Co-Location Feature Set
• SRST Line Side Features • SIP Trunk Features

 Incoming & Outgoing Basic  SIP-UA

Call  Outbound Proxy
 Hold-Resume  TLS/SRTP - UDP/ RTP Interworking
 Call Forward  IP Trust List
 Call Transfer  Voice Class Tenant
 Conference (Built-in Bridge)  RTP-NTE DTMF
 Hunt Groups  SIP Normalization
 Bind Global /Dial-peer
 PAI

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 113
Agenda
• CUBE Overview and SIP Trunk Sizing
• CUBE Architecture (Physical & Virtual)
• Transitioning to SIP Trunking using CUBE
• Advanced features on CUBE
• CUBE + SRST Colocation
• Futures & Key Takeaways

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 114
CUBE Licensing
Updates
NOTE : Subject to Change
CUBE Licensing
• Will still remain honor based
• July 2018 release (16.9.1) default is Classic Licensing mode (RTU)
• CUBE version 12.5 or later: (IOS-XE 16.10) Smart Licensing mode is the only
option, though CUBE feature use is still RTU (Right-to-Use). So even though
the box will be registered to CSSM, it won't demand any CUBE licenses. It
will however, request UCK9, security etc. and hence, it is recommended to
familiarize yourselves with Smart Licensing
• Note: Recommendation is to use IOS-XE 16.10.2 or later for CUBE 12.5
features
• Additional changes wrt to SL will be added for CUBE, however, there are no
plans for CUBE licensing enforcement, i.e. calls will not be denied should
CSSM respond out of compliance.
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 116
CUBE Trunkside Simplified Offer PID Structure
Summary
New CUBE Offer w/Smart Licensing Summary
Benefits of New Licensing structure
• Easier to order and activate
• No RTUs/License file to manage/track
• Easy entitlement/compliance tracking
• License Pooling & Transferability
• Active SWSS support provides license transferability – minimum one year SWSS
with new license purchase
• Accurate source for entitlement reports
• Single location to view usage reports
• Ability to deposit licenses into the Smart Account and share across virtual
accounts
• New Features
• Lineside and Media Proxy
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 119
Key Takeaways
• CUBE + ZBFW is now supported on ISR 4K and recommended release is 16.6.3
onwards
• Newer platforms support such as ISR1100 series from April 2019

• Enterprise SBC (Cisco Unified Border Element - CUBE) is an essential component of a

UC solution providing;
• Security, Session Management, Interworking, Demarcation
• Over 37,000 Enterprise customers all over the Globe
• Proven interoperability with 3rd party PBX vendors and different service providers
around the world (more than 165 countries)
• Now is the time to deploy SIP Trunking in either a Centralized or a Distributed solution
to save money, simplify your topology and setup your infrastructure for future services
• Complete feature Presentations, Lab Guide, Free Hands-on Lab access & Application
Notes

https://cisco.box.com/cube
BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 120
 Cisco Webex Teams

Questions?
Use Cisco Webex Teams (formerly Cisco Spark)
to chat with the speaker after the session

How
1 Find this session in the Cisco Events Mobile App
2 Click “Join the Discussion”
3 Install Webex Teams or go directly to the team space
4 Enter messages/questions in the team space

cs.co/ciscolivebot#BRKCOL-2125

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 121
Complete your online
session survey
• Please complete your Online Session
Survey after each session
• Complete 4 Session Surveys & the Overall
Conference Survey (available from
Thursday) to receive your Cisco Live T-
shirt
• All surveys can be completed via the Cisco
Events Mobile App or the Communication
Stations

Don’t forget: Cisco Live sessions will be available for viewing

on demand after the event at ciscolive.cisco.com

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 122
Continue Your Education

Demos in Meet the Related

Walk-in
the Cisco engineer sessions
self-paced
Showcase labs 1:1
meetings

BRKCOL-2125 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 123
Thank you