Solved: CUCM as RTP source and destination

eddchen · ‎04-03-2019

Hi voice guys,

currently we have a cisco voice network as below:

phones(10.x.x.x)->cucm sip trunk(1.1.1.1) ->cube(2.2.2.2) sip trunk->firewalls->oracle SBC(3.3.3.3)->telco

One thing to note is that the firewall and SBC are 3rd party managed and are shared environment.

On CUBE, if i do debug ccsip media, it will show all phones' RTP media flow will be terminated by CUBE and source ip changed to CUBE and send through FW to SBC, which is expected as CUBE is serving as the proxy and FW rule will only need to open the traffic to and from one ip (cube 2.2.2.2)

Now, management/customer is keen on getting rid of the CUBE(I know what you are going to say, hehehe, but it is not our decision here), and change the topology to:

phones(10.x.x.x)->cucm sip trunk(1.1.1.1) ->firewalls->oracle SBC(3.3.3.3)->telco

My question is: for RTP traffics from the phone, will the FW rule allows all our phones individual IP/range from the RTP/UDP range? Or is there a way we can twik the cucm/sip trunk to make cucm acted like the cube to terminate all RTP streams and then relay onward?

To be specific, if i do a debug ccsip media on the cube, i can see the cube will terminate the media session and then use it's own ip as the source of all media traffic to the SBC. (I am not quite sure if that is due to the dial peer or B2B agent behavior).....anyway, is there a way we can do the same for the new topology without the CUBE. where CUCM will terminate the media and initiate a new session to the SBC? So FW don't need to have a rule for all phone's ip/range but just the cucm's IP? Thanks.

Slavik Bialik · ‎04-04-2019

Of course you can do that.

When you'll have your SIP Trunk that will connected directly to that Oracle SBC, you just have to check the "Media Termination Point Required" option.

That way you'll achieve what you need.

BUT, take under consideration that you'll start to use those MTP resources and depends on the estimated amount of the calls you have concurrent, it may take lots of software resources from your CUCM. It is advised to have few CUCMs in cluster where you can use each MTP resources of all of your CUCMs under the Resource Group List configurations.

If you have LOTS of calls, I would suggest to think about using ALSO a voice gateway with DSP resources to act as a MTP resource. But that way you'll probably have to buy another gateway, because I'm guessing that your CUBE has no PVDM cards.

View solution in original post

Slavik Bialik · ‎04-04-2019

Of course you can do that.

When you'll have your SIP Trunk that will connected directly to that Oracle SBC, you just have to check the "Media Termination Point Required" option.

That way you'll achieve what you need.

BUT, take under consideration that you'll start to use those MTP resources and depends on the estimated amount of the calls you have concurrent, it may take lots of software resources from your CUCM. It is advised to have few CUCMs in cluster where you can use each MTP resources of all of your CUCMs under the Resource Group List configurations.

If you have LOTS of calls, I would suggest to think about using ALSO a voice gateway with DSP resources to act as a MTP resource. But that way you'll probably have to buy another gateway, because I'm guessing that your CUBE has no PVDM cards.