In general the loop detection should also work on interworked calls,

but sure, maybe you have some old bg/gk or 3rd party sip proxy in the path

or do some additional search / transform patterns which lock something up.

Which version of the vcs do you use? Also tell your callers to use a proper uri incl a domain :-)

Hi,

it is not good idea to leave the continueous loop-detection problem unresolved. you can optimize your search rule and eliminate the loop detection by specifying where the call should be directly as oppose to use "Any" all over the place. Creating subzones and registering endpoints based some policy/category in those subzones, enables you to direct your calls via search rules towards one specific subzone rather than broadcasting, hence mutliply braodcasting via Any search rules create loops.

regards,

Ahmad

Hi Both,

Here is an example of the setup (simplified and addresses are not real).

Essentially 99% of our infrastructure uses H.323 with E.164 numbers that comply with the Global Dialling Scheme (GDS). External VCS Expressways and Boarder Controller have neighboured zones with the National Gatekeeper. E.164 lookup are passed from one zone to the next so that the H.323 client in "Site 2" can dial H.323 client in Site 1.

Of course, Jabber clients are SIP, but the VCS will interwork H.323 --> SIP so that H.323 client dialling the E.164 004411111100 will ring all Jabber clients in a group. The problem is that in the history of the Jabber client, the address that shows up is "MyCODEC@192.168.0.2". Obviously, this is NEVER going to be reached. If we have control over the system, we would configure the system name an  H.323 ID to be something like "MyCODEC@site2.com" (although sometime it simply isn't possible due to restrictions on the number of characters), but in this case we don't.

Indeed, Ahrmad, one of the search rules targeting the traversal zone on the VCS Control forwards a call attempt to "MyCODEC@192.168.0.2" to the VCS Expressway, which in turn hands it back to the Control and so on. The Source is set to "Any" and the mode is also set to "Any alias". In general, we do not see the need to allow dialling via the Expressway (or Control) IP (i.e. 00441111100@1.1.1.1, or 00441111100@192.168.0.2) so implementing the Call Policy so stop and authenticated or unauthenticated calls to ".*@192.168.0.2" stops this loop.

Sure that call policy might kills the symptoms, but there might be some generic problems with the

search rules in addition.

The first step could be to see to improve the search rules and your addresses / dialplan.

Followed what could be done to improve the setup (like replace the old BK/GK with VCS), ...

But To be honest, to many devices, to many side effects, contact your Cisco Telepresence Partner

or an external consultant and get your network reviewed.

Hi Martin and thanks for the reply.

I had written a full response, but typically, the browser crashed!

After a bit of investigation, I have now noted three possible problems relating to the caller (source) ID as shown in Jabber’s history:

• If the endpoint H.323 ID is NOT set, yet the E.164 number is set, Jabber will record the call as having come from “E.164@192.168.0.2”. This is fine as we have transforms in place that manipulate URI’s that look like E.164 numbers and strip off the IP address, then interwork the call and pass forward the H.323 call via E.164.
• If the H.323 is set to something WITHOUT a “@domain”, then the VCS will have to append its IP address to the H.323 ID as a SIP/Jabber client required a ‘valid’ URI, of sorts. SO the Jabber client sees “host@192.168.0.2”, however, this call can never be returned as there is no what for the VCS to determine its destination. The configured search rule will pass off the request to the Expressway, who in turn will pass it back and so forth. Whilst I understand that a dial plan may only be treating the symptoms of this search rule failure, we see no need that and endpoint will ever need to dial “anything@192.168.0.2” (or @IP_Address_VCS_Control) and so blocking such an attempt will work at least in the short term.
• If the H.323 ID has a full URI set, then the SIP /Jabber client will use this for the return call. In this case, the same search rule that failed above passes the URI through to the Expressway that then uses DNS to lookup the endpoint. Of course, the relies on DNS being correctly configured which unfortunately for us is something that is beyond our control as this is the responsibility of each site/institution. However, it does at least give the Jabber human user an idea of where the call came from – even if it cannot be returned.

There may in fact be a fourth option where the H.323 ID contains an invalid URI, in which case it seems that the VCS replaces the whole thing with “iwf@192.168.0.2”, but again nothing can be done about this.

WRT to the old GK/BC, in the first instance this was the topology, however, I have checked with Pure VCS infrastructure and the same holds true. We have advised the site that the GK/BC is end of life, but again, the responsibility (and cost) is not apportioned to us.

I will look into the search rules and fully determine if any endpoint will ever require that a call be placed to “host@IP_Address_VCS_Control”, but I don’t think so.