CISCO Catalyst SD-WAN Systems and Interfaces Configuration User Guide

: June 15, 2024
: Cisco

Table of Contents

CUBE Configuration
Information About CUBE
Restrictions for CUBE Configuration
Use Cases for CUBE
Configure CUBE
CUBE Commands
References
Read User Manual Online (PDF format)
Download This Manual (PDF format)

CISCO Catalyst SD-WAN Systems and Interfaces Configuration User Guide

CUBE Configuration

Note
To achieve simplification and consistency, the Cisco SD-WAN solution has been rebranded as Cisco Catalyst SD-WAN. In addition, from Cisco IOS XE SD-WAN Release 17.12.1a and Cisco Catalyst SD-WAN Release 20.12.1, the following component changes are applicable: Cisco manage to Cisco Catalyst SD-WAN Manager, Cisco venally tics to Cisco Catalysts-WAN Analytics, Cisco bonito Cisco Catalysts-WAN Validator, and Cisco start to Cisco Catalyst SD-WAN Controller. See the latest Release Notes for a comprehensive list of all the component brand name changes. While we transition to the new names, some inconsistencies might be present in the documentation set because of a phased approach to the user interface updates of the software product.

Table 1: Feature History

Feature Name	Release Information	Description
Cisco Unified Border Element Configuration	Cisco IOS XE Catalyst SD-WAN
Release 17.7.1aCisco v Manage Release 20.7.1	This feature lets you configure

Cisco Unified Border Element (CUBE) functionality by usingCisco IOS XE Catalyst SD-WAN device CLI templates or CLIadd-on feature templates.
Secure SRST Support on Cisco Catalyst SD-WAN| Cisco IOS XE Catalyst SD-WAN Release 17.10.1aCisco v Manage Release 20.10.1| This feature enables you to configure Cisco Survivable Remote Site Telephony (SRST) commands on Cisco IOS XE Catalysts-WAN devices using Cisco SD-WAN Manager device CLI templates or CLI add-on feature templates. The feature also provides additional Cisco Unified Border Element (CUBE) commands that are qualified for use in Cisco SD- WAN Manager device CLI templates or CLI add-on feature templates.

This chapter provides information about configuring devices for Cisco Unified Border Element (CUBE).

Information About CUBE, on page 2
Supported Devices for CUBE Configuration, on page 2
Restrictions for CUBE Configuration, on page 3
Use Cases for CUBE, on page 3
Configure CUBE, on page 3
CUBE Commands, on page 4

Information About CUBE

CUBE bridges voice and video connectivity between two VoIP networks. It is similar to a traditional voice gateway, except for the replacement of physical voice trunks with IP-based voice trunks. Traditional gateways connect VoIP networks to telephone companies by using a circuit-switched connection, such as PRI. CUBE connects VoIP networks to other VoIP networks and enterprise networks to Internet telephony service providers
(ITSPs).

CUBE provides conventional Session Border Controller (SBC) functions and a wide variety advanced features.

You can configure Cisco IOS XE Catalyst SD-WAN devices for CUBE by using device CLI templates or CLI add-on feature templates.

For more information about the CUBE setup, functionality, usage, configuration, and related topics, see the Cisco Unified Border Element Configuration Guide.

Supported Devices for CUBE Configuration

Cisco 1000 Series Integrated Services Routers
Cisco 4000 Series Integrated Services Routers
Cisco Catalyst 8200 Series Edge Platforms
Cisco Catalyst 8300 Series Edge Platforms
Cisco Catalyst 8000v Software Router
Cisco ASR 1001-X Router
Cisco ASR 1002-X Router
Cisco ASR 1006-X Router with the Cisco ASR1000-RP3 Module, and the Cisco ASR1000-ESP100 or ASR1000-ESP100-X Embedded Services Processor
Cisco ASR 1004 Router with the RP2 Route Processor and the Cisco ASR 1000-ESP40 Embedded Services Processor
Cisco ASR 1006 Router with the RP2 Route Processor and the Cisco ASR 1000-ESP40 Embedded Services Processor
Cisco ASR 1006-X Router with the RP2 Route Processor and the Cisco ASR 1000-ESP40 Embedded Services Processor

Restrictions for CUBE Configuration

High-availability configuration is not supported for CUBE.

Use Cases for CUBE

CUBE can be used to configure session border controller elements for a wide variety of applications, including the following:

Enterprise premises-based collaboration capabilities using Cisco Unified Communications Manager (or another call control application) with centralized or local PSTN breakouts
A local breakout gateway for Cisco Unified Communications Manager Cloud, which is a Cisco-hosted cloud service for large enterprises
A local gateway to enable the Bring Your Own PSTN (BYoPSTN) option for Cisco Webex Calling
Edge audio for Cisco WebEx meetings with a direct VoIP route to the Cisco WebEx cloud or through existing PSTN services

Configure CUBE

To configure a device to use the CUBE functionality, create a Cisco IOS XE Catalyst SD-WAN device CLI template or a CLI add-on feature template for the device.

For information about device CLI templates, see CLI Templates for Cisco IOS XE Catalyst SD-WAN Device Routers.

For information about CLI add-on feature templates, see CLI Add-On Feature Templates.
For information about CUBE configuration and usage, see Cisco Unified Border Element Configuration Guide.

For information about the CUBE commands that Cisco Catalysts-WAN supports for use in a CLI template, see CUBE Commands .

The following example shows a basic CUBE configuration using a CLI add-on template:

voice service voip ip address trusted list ipv4 10.0.0.0.255.0.0.0 ipv6 2001:DB8:0:ABCD::1/48
allow-connections sip to sip sip no call service stop dial-peer voice 100 VoIP description Inbound LAN side dial-peer session protocol sipv2 incoming called number .T voice-class codec 1 dam-relay rap note

dial-peer voice 101 voip description Outbound LAN side dial-peer destination pattern [2-9] session protocol sipv2 session target ipv4:10.10.10.1 voice- class codec 1 dam-relay rap note !

dial-peer voice 200 VoIP description Inbound WAN side dial-peer session protocol sipv2 incoming called-number .T voice-class codec 1 dtmf-relay rtp- nte !

dial-peer voice 201 voip description Outbound WAN side dial-peer destination pattern [2-9] session protocol sipv2 session target ipv4:20.20.20.1 voice- class codec 1 dam-relay rap note

CUBE Commands

The following table lists the commands that are supported by Cisco Catalyst SD-WAN CLI templates for CUBE configuration. Click a command name in the Command column to view information about the command, its syntax, and its use.

Table 2: Cisco Catalyst SD-WAN CLI Template Commands for CUBE Configuration

Command	Description

address-hiding| Hides signaling and media peer addresses from endpoints other than the gateway.
anat| Enables Alternative Network Address Types (ANAT) on a SIP trunk.
answer-address| Specifies the full E.164 telephone number to be used to identify the dial peer of an incoming call.
application (global)| Enters application configuration mode to configure applications.
asserted-id| Enables support for the asserted ID header in incoming SIP requests or response messages, and to send the asserted ID privacy information in outgoing SIP requests or response messages.
asymmetric payload| Configures SIP asymmetric payload support.
audio forced| Allows only audio and image (for T.38 Fax) media types, and drops all other media types).
authentication| Enables SIP digest authentication.
Command| Description
bind| Binds the source address for signaling and media packets to the IPv4 or IPv6 address of a specific interface.
block| Configures global settings to drop (not pass) specific incoming SIP provisional response messages on a CUBE.
call spike| Configures the limit on the number of incoming calls received in a short period (a call spike).
call threshold global| Enables the global resources of a gateway.
call treatment action| Configures the action that the router takes when local resources are unavailable.
call treatment cause-code| Specifies the reason for the disconnection to the caller when local resources are unavailable.
call treatment isdn-reject| Specifies the rejection cause code for ISDN calls when all ISDN trunks are busied out, but the switch ignores the busyout trunks and still sends ISDN calls into the gateway.
call treatment on| Enables call treatment to process calls when local resources are unavailable.
callmonitor| Enables the call monitoring messaging functionality on a SIP endpoint in a VoIP network.
call-route| Enables header-based routing at the global configuration level.
clid| Passes the network-provided ISDN numbers in an ISDN calling party information element screening indicator field, and removes the calling party name and number from the calling-line identifier in voice service voip configuration mode. Alternatively, allows the presentation of the calling number by substituting for the missing Display Name field in the Remote-Party-ID and From headers.
codec preference| Specifies a list of preferred codecs to use on a dial peer.
codec profile| Defines audio and video capabilities that are needed for video endpoints.
codec transparent| Enables codec capabilities to be passed transparently between endpoints in a CUBE.
conn-reuse| Minimum supported releases: Cisco vManage Release 20.10.1 and Cisco IOS XE Catalyst SD-WAN Release 17.10.1a. Reuses the TCP connection of a SIP registration for an endpoint behind a firewall.
connection-reuse| Uses global listener port for sending requests over UDP.
Command| Description
contact-passing| Configures pass- through of the contact header from one leg to the other leg for 302 pass- through.
cpa| Enables the call progress analysis (CPA) algorithm for outbound VoIP calls and to set CPA parameters.
credentials| Configures a SIP TDM gateway or CUBE to send a SIP registration message when in the UP state.
crypto signaling| Identifies the trustpoint trustpoint-name keyword and argument that is used during the Transport Layer Security (TLS) handshake that corresponds to the remote device address.
dial-peer cor custom| Specifies that named class of restrictions (COR) apply to dial peers.
dial-peer cor list| Defines a class of restrictions (COR) list name.
disable-early-media 180| Minimum supported releases: Cisco vManage Release 20.10.1 and Cisco IOS XE Catalyst SD-WAN Release 17.10.1a. Specifies which call treatment, early media or local ringback, is provided for 180 responses with 180 responses with Session Description Protocol (SDP).
dspfarm profile| Enters DSP farm profile configuration mode and defines a profile for DSP farm services.
dtmf-interworking| Enables a delay between the dtmf-digit begin and dtmf-digit end events in the RFC 2833 packets sent from CUBE, and generates RFC 4733 compliance RTP Named Telephony Event (NTE) packets from CUBE.
early-media update block| Blocks the UPDATE requests with the Session Description Protocol (SDP) in an early dialog.
early-offer| Forces CUBE to send a SIP invite with Early Offer on the Out Leg.
emergency| Configures a list of emergency numbers.
error-code-override| Configures the SIP error code to be used at the dial peer.
error-passthru| Enables the passage of error messages from the incoming SIP leg to the outgoing SIP leg.
g729-annexb override| Configures the settings for G.729 codec interoperability and overrides the default value if the annexb attribute is not present.
gcid| Enables Global Call ID (GCID) for every call on an outbound leg of a VoIP dial peer for a SIP endpoint.
gw-accounting| Minimum supported releases: Cisco vManage Release 20.10.1 and Cisco IOS XE Catalyst SD-WAN Release 17.10.1a. Enables an accounting method for collecting call detail records (CDRs).
Command| Description
handle-replaces| Minimum supported releases: Cisco vManage Release 20.10.1 and Cisco IOS XE Catalyst SD-WAN Release 17.10.1a. Configures a Cisco IOS device to handle SIP INVITE with Replaces header messages at the SIP protocol level.
header-passing| Enables the passing of headers to and from SIP INVITE, SUBSCRIBE, and NOTIFY messages.
host-registrar| Populates the sip- ua registrar domain name or IP address value in the host portion of the diversion header and redirects the contact header of the 302 response.
http client connection idle timeout| Sets the number of seconds for which the HTTP client waits before terminating an idle connection.
http client connection persistent| Enables HTTP persistent connections so that multiple files can be loaded by using the same connection.
http client connection timeout| Sets the number of seconds for which the HTTP client waits for a server to establish a connection before abandoning its connection attempt.
ip qos dscp| Configures the DSCP value for QoS.
localhost| Globally configures CUBE to substitute a DNS hostname or domain as the localhost name in place of the physical IP address in the From, Call-ID, and Remote-Party-ID headers in outgoing messages.
max-conn| Specifies the maximum number of incoming or outgoing connections for a particular VoIP dial peer.
max-forwards| Minimum supported releases: Cisco vManage Release 20.10.1 and Cisco IOS XE Catalyst SD-WAN Release 17.10.1a. Globally sets the maximum number of hops, that is, proxy or redirect servers that can forward the SIP request.
media| Enables media packets to pass directly between endpoints without the intervention of CUBE, and enables signaling services.
media disable-detailed-stats| Disables the collection of detailed call statistics.
media profile asp| Creates a media profile to configure acoustic shock-protection parameters.
media profile nr| Creates a media profile to configure noise-reduction parameters.
media profile stream-service| Enables stream service on CUBE.
media profile video| Creates a media profile video.
media-address voice-vrf| Associates an RTP port range with VRF.
Command| Description
media-inactivity-criteria| Specifies the mechanism for detecting media inactivity (silence) on a voice call.
midcall-signaling| Configures the method that is used for signaling messages.
min-se| Changes the minimum session expiration (Min- SE) header value for all the calls that use the SIP session timer.
nat| Minimum supported releases: Cisco vManage Release 20.10.1 and Cisco IOS XE Catalyst SD-WAN Release 17.10.1a. Uses SIP Network Address Translation (NAT) global configuration.
notify redirect| Enables application handling of redirect requests for all VoIP dial peers.
notify ignore substate| Minimum supported releases: Cisco vManage Release 20.10.1 and Cisco IOS XE Catalyst SD-WAN Release 17.10.1a. Specifies Ignoring the Subscription-State header in a Notify message.
notify telephone-event| Minimum supported releases: Cisco vManage Release 20.10.1 and Cisco IOS XE Catalyst SD-WAN Release 17.10.1a. Configures the maximum interval between two consecutive NOTIFY messages for a particular telephone event.
num-exp| Defines how to expand a telephone extension number into a particular destination pattern.
options-ping| Enables in-dialog options.
outbound-proxy| Configures a SIP outbound proxy for outgoing SIP messages globally.
pass-thru content| Enables the pass- through of SDP from in-leg to the out-leg.
permit hostname| Minimum supported releases: Cisco vManage Release 20.10.1 and Cisco IOS XE Catalyst SD-WAN Release 17.10.1a. Stores hostnames used during validation of initial incoming INVITE messages.
privacy| Sets privacy support at the global level as defined in RFC 3323.
privacy-policy| Configures the privacy header policy options at the global level.
progress_ind| Configures an outbound dial peer on a CUBE to override andremove or replace the default progress indicator in specified call messages.
protocol mode| Configures the Cisco IOS SIP stack.
Command| Description
random-contact| Minimum supported releases: Cisco vManage Release 20.10.1 and Cisco IOS XE Catalyst SD-WAN Release 17.10.1a. Populates an outgoing INVITE message with random-contact information instead of clear-contact information.
reason-header override| Enables cause code passing from one SIP leg to another.
redirect ip2ip| Redirects SIP phone calls to SIP phone calls globally on a gateway.
redirection| Enables the handling of 3xx redirect messages
referto-passing| Disables dial peer lookup and modification of the Refer-To header when the CUBE passes across a REFER message during a calltransfer.
registrar| Enables SIP gateways to register E.164 numbers on behalf of analog telephone voice ports (FXS), IP phone virtual voice ports (EFXS), and SCCP phones with an external SIP proxy or SIP registrar.
rel1xx| Enables SIP provisional responses (other than 100 Trying) to be sent reliably to the remote SIP endpoint.
remote-party-id| Enables translation of the Remote-Party-ID SIP header.
requri-passing| Enables pass- through of the host part of the Request-URI and To SIP headers.
retry bye| Configures the number of times that a BYE request is retransmitted to the other user agent.
retry invite| Minimum supported releases: Cisco vManage Release 20.10.1 and Cisco IOS XE Catalyst SD-WAN Release 17.10.1a. Configures the number of times that a SIP INVITE request is retransmitted to the other user agent.
rtcp all-pass-through| Passes through all the RTCP packets in the datapath.
rtcp keepalive| Configures RTCP keepalive report generation and generates RTCP keepalive packets.
rtp payload-type| Identifies the payload type of an RTP packet.
rtp-media-loop count| Configures the number of media loops before RTP voice and video media packets are dropped.
rtp-port| Configures the real-time protocol range.
rtp-ssrc multiplex| Multiplexes RTCP packets with RTP packets and sends multiple synchronization source in RTP headers (SSRCs) in an RTP session.
session refresh| Enables SIP session refresh globally.
Command| Description
session transport| Configures a VoIP dial peer to use TCP or UDP as the underlying transport layer protocol for SIP messages.
set pstn-cause| Maps an incoming PSTN cause code to a SIP error status code.
set sip-status| Maps an incoming SIP error status code to a PSTN cause code.
signaling forward| Configures global settings for transparent tunneling of QSIG, Q.931, H.225, and ISUP messages.
silent discard untrusted| Discards SIP requests from untrusted sources in an incoming SIP trunk.
sip-server| Configures a network address for the SIP server interface.
srtp| Specifies that SRTP be used to enable secure calls and call fallback.
srtp negotiate| Minimum supported releases: Cisco vManage Release 20.10.1 and Cisco IOS XE Catalyst SD-WAN Release 17.10.1a. Enables the Cisco IOS Session Initiation Protocol (SIP) gateway to accept and send a Real-Time Transport Protocol (RTP) Audio/Video Profile (AVP) at the global configuration level.
stun| Enters STUN configuration mode for configuring firewall traversal parameters.
stun flowdata shared-secret| Minimum supported releases: Cisco vManage Release 20.10.1 and Cisco IOS XE Catalyst SD-WAN Release 17.10.1a. Configures a secret shared on a call control agent.
stun usage firewall-traversal flowdata| Enables firewall traversal using STUN.
supplementary-service media- renegotiate| Globally enables midcall media renegotiation for supplementary services.
timers| Configures SIP-signaling timers.
transport| Configures the SIP user agent (gateway) for SIP-signaling messages in inbound calls through the SIP TCP, TLS over TCP, or UDP socket.
uc secure-wsapi| Configures a secure Cisco Unified Communication IOS services environment for a specific application.
uc wsapi| Configures a nonsecure Cisco Unified Communication IOS services environment for a specific application.
update-callerid| Enables sending updates for caller IDs.
url (SIP)| Configures URLs to either the SIP, SIP secure (SIPS), or telephone (TEL) format for your VoIP SIP calls.
vad| Enables VAD for calls using a specific dial peer.
Command| Description
video codec| Minimum supported releases: Cisco vManage Release 20.10.1 and Cisco IOS XE Catalyst SD-WAN Release 17.10.1a. Specifies a video codec for a voice class.
voice cause code| Sets the internal Q850 cause code mapping for, voice and enters voice cause configuration mode.
voice class codec| Enters voice-class configuration mode and assigns an identification tag number for a codec voice class.
voice class dpg| Creates a dial-peer group for grouping multiple outbound dial peers.
voice class e164-pattern-map| Creates an E.164 pattern map that specifies multiple destinationE.164 patterns in a dial peer.
voice class media| Configures media control parameters for voice.
voice class server-group| Enters voice-class configuration mode and configures server groups (groups of IPv4 and IPv6 addresses) that can be referenced from an outbound SIP dial peer.
voice-class sip options-keepalive| Monitors connectivity between CUBE VoIP dial peers and SIP servers.
voice class sip-copylist| Configures a list of entities to be sent to the peer call leg.
voice class sip-event-list| Configures a list of SIP events to be passed through.
voice class sip-hdr-passthrulist| Configures a list of headers to be passed through the route string.
voice class sip-profiles| Configures SIP profiles for a voice class.
voice class srtp-crypto| Enters voice class configuration mode and assigns an identification tag for an srtp-crypto voice class command.
voice class uri| Creates or modifies a voice class for matching dial peers to a SIP or TEL URI.
voice class tls- cipher| Minimum supported releases: Cisco vManage Release 20.10.1 and Cisco IOS XE Catalyst SD-WAN Release 17.10.1a. Configures an ordered set of TLS cipher suites.
voice class tls- profile| Minimum supported releases: Cisco vManage Release 20.10.1 and Cisco IOS XE Catalyst SD-WAN Release 17.10.1a. Enables voice class configuration mode, and assigns an identification tag for a TLS profile.
voice iec syslog| Enables viewing of internal error codes as they are encountered in real time.
voice statistics iec| Enables collection of internal error code statistics.
Command| Description
xfer target| Minimum supported releases: Cisco vManage Release 20.10.1 and Cisco IOS XE Catalyst SD-WAN Release 17.10.1a. Routes the INVITE to the refer-to destination in the REFER consume case. The routing decision is made based on the xfer target destination.