[prev in list] [next in list] [prev in thread] [next in thread]
List: cisco-voip
Subject: Re: [cisco-voip] Session/connection limits on multi-tenant CUBE
From: Fred Hunt <fredmanwalking.voip () gmail ! com>
Date: 2019-04-12 16:27:48
Message-ID: CAH_yXwJY+WQh9+X5MsnoMUBajM6US35Q+2ARASg_yvVSC9uT+w () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
So far, in testing, a consolidated dial-peer configuration like shown below
is working to meet our needs:
voice class server-group 5000
ipv4 10.X.X.1 port 5060 preference 1
ipv4 10.X.X.2 port 5060 preference 2
description TENANT 1 TRUNK GROUP
!
voice class uri 5500 sip
host ipv4:10.X.X.1
host ipv4:10.X.X.2
!
dial-peer voice 999998 voip
description TENANT 1 TEST
incoming uri from 5500
incoming called-number 9876543210
destination-pattern 9876543210
session protocol sipv2
session transport udp
session server-group 5000
voice-class codec 1
voice-class sip options-keepalive profile 5000
voice-class sip bind control source-interface GigabitEthernet0/0/0
voice-class sip bind media source-interface GigabitEthernet0/0/0
dtmf-relay rtp-nte
no vad
max-conn 1
!
I opened a TAC case and was informed that we aren't the only customers
seeking the functionality that I outlined in my initial email. There is a
bug opened to track that enhancement request:
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm89283. It does only
mention limiting outbound connections, but hopefully that will change to
include inbound too.
On Fri, Apr 5, 2019, 11:47 Fred Hunt <fredmanwalking.voip@gmail.com> wrote:
> We are trying to determine the best was to configure what will essentially
> be multi-tenant CUBEs. These will be multi-tenant in the sense that they
> will interface with a number of different CUCM and IVR environments. Each
> environment will be considered a tenant. We need a means of limiting the
> number of SIP sessions the different environments will be allowed to use.
> Unfortunately, I'm not seeing any tenant level commands that facilitate
> doing so:
> https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/voice/cube/configuration/cube-book/voi-cube-multi-tenants.html#reference_0DECA59896064A95ACCB2A2553107EA8
>
> Thus far, we have come up with the idea to create different "voice class
> uri" entries, comprised of the various IP addresses for each tenant. Those
> voice class uri entries would be used for dial-peer matching and a
> "max-conn" parameter would be used to limit the number of connections using
> each dial-peer. We typically configure separate dial-peers for inbound and
> outbound matching, in order to make the configuration more easy to visually
> review. If we continue with that design, this would allow us to implement
> session limits on inbound and outbound dial-peers corresponding with each
> environment. However, we want to be able to apply a session limit globally
> for each tenant, meaning inbound and outbound both count cumulatively
> towards that limit.
>
> Would it be better to have a consolidated dial-peer for each tenant, which
> would be used for both inbound and outbound purposes, and has a "max-conn"
> parameter? My understanding is that to accomplish that we would use
> "incoming uri" matching for the inbound side and destination dial-peer
> group (using "voice class dpg" and "destination dpg") for the outbound
> side. Alternatively, I think we could use pattern maps ("voice class
> e164-pattern-map" and "destination e164-pattern-map") instead.
>
> Has any Cisco-VoIP list member faced this same scenario and, if so, what
> configuration met your needs? Am I missing a tenant level command that
> would fulfill this need? Am I on the best path to accomplish this with
> what I outlined in the paragraph above?
>
> Thanks in advance for any feedback
>
[Attachment #5 (text/html)]
<div dir="auto"><div style="font-family:sans-serif;font-size:12.8px" dir="auto"><div \
style="margin:16px 0px"><div><div><div><p>So far, in testing, a consolidated \
dial-peer configuration like shown below is working to meet our needs:</p><p>voice \
class server-group 5000<u></u><u></u></p><p>ipv4 10.X.X.1 port 5060 preference \
1<u></u><u></u></p><p>ipv4 10.X.X.2 port 5060 preference \
2<u></u><u></u></p><p>description TENANT 1 TRUNK \
GROUP<u></u><u></u></p><p>!<u></u><u></u></p><p>voice class uri 5500 \
sip<u></u><u></u></p><p>host ipv4:10.X.X.1<u></u><u></u></p><p>host \
ipv4:10.X.X.2<u></u><u></u></p><p>!<u></u><u></u></p><p>dial-peer voice 999998 \
voip<u></u><u></u></p><p>description TENANT 1 TEST<u></u><u></u></p><p>incoming uri \
from 5500<u></u><u></u></p><p>incoming called-number \
9876543210<u></u><u></u></p><p>destination-pattern \
9876543210<u></u><u></u></p><p>session protocol sipv2<u></u><u></u></p><p>session \
transport udp<u></u><u></u></p><p>session server-group \
5000<u></u><u></u></p><p>voice-class codec 1<u></u><u></u></p><p>voice-class sip \
options-keepalive profile 5000<u></u><u></u></p><p>voice-class sip bind control \
source-interface GigabitEthernet0/0/0<u></u><u></u></p><p>voice-class sip bind media \
source-interface GigabitEthernet0/0/0<u></u><u></u></p><p>dtmf-relay \
rtp-nte<u></u><u></u></p><p>no vad<u></u><u></u></p><p>max-conn \
1<u></u><u></u></p><p>!<u></u><u></u></p></div></div></div></div><div \
style="height:0px"></div></div><br><div dir="auto">I opened a TAC case and was \
informed that we aren't the only customers seeking the functionality that I \
outlined in my initial email. There is a bug opened to track that enhancement \
request: <a href="https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm89283">https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm89283</a>. \
It does only mention limiting outbound connections, but hopefully that will change to \
include inbound too.</div></div><br><div class="gmail_quote"><div dir="ltr">On Fri, \
Apr 5, 2019, 11:47 Fred Hunt <<a href="mailto:fredmanwalking.voip@gmail.com" \
target="_blank" rel="noreferrer">fredmanwalking.voip@gmail.com</a>> \
wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 \
.8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="auto"><p \
style="font-family:sans-serif;font-size:12.8px">We are trying to determine the best \
was to configure what will essentially be multi-tenant CUBEs. These will be \
multi-tenant in the sense that they will interface with a number of different CUCM \
and IVR environments. Each environment will be considered a tenant. We need a \
means of limiting the number of SIP sessions the different environments will be \
allowed to use. Unfortunately, I'm not seeing any tenant level commands that \
facilitate doing so: <a \
href="https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/voice/cube/configuration/cube-book/voi-cube-multi-tenants.html#reference_0DECA59896064A95ACCB2A2553107EA8" \
style="text-decoration-line:none;color:rgb(66,133,244)" rel="noreferrer noreferrer" \
target="_blank">https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/voice/cube/configura \
tion/cube-book/voi-cube-multi-tenants.html#reference_0DECA59896064A95ACCB2A2553107EA8</a></p><p \
style="font-family:sans-serif;font-size:12.8px">Thus far, we have come up with the \
idea to create different "voice class uri" entries, comprised of the various IP \
addresses for each tenant. Those voice class uri entries would be used for \
dial-peer matching and a "max-conn" parameter would be used to limit the number of \
connections using each dial-peer. We typically configure separate dial-peers for \
inbound and outbound matching, in order to make the configuration more easy to \
visually review. If we continue with that design, this would allow us to implement \
session limits on inbound and outbound dial-peers corresponding with each \
environment. However, we want to be able to apply a session limit globally for each \
tenant, meaning inbound and outbound both count cumulatively towards that limit. \
</p><p style="font-family:sans-serif;font-size:12.8px">Would it be better to have a \
consolidated dial-peer for each tenant, which would be used for both inbound and \
outbound purposes, and has a "max-conn" parameter? My understanding is that to \
accomplish that we would use "incoming uri" matching for the inbound side and \
destination dial-peer group (using "voice class dpg" and "destination dpg") for the \
outbound side. Alternatively, I think we could use pattern maps ("voice class \
e164-pattern-map" and "destination e164-pattern-map") instead.</p><p \
style="font-family:sans-serif;font-size:12.8px">Has any Cisco-VoIP list member faced \
this same scenario and, if so, what configuration met your needs? Am I missing a \
tenant level command that would fulfill this need? Am I on the best path to \
accomplish this with what I outlined in the paragraph above?</p><p \
style="font-family:sans-serif;font-size:12.8px">Thanks in advance for any \
feedback</p></div> </blockquote></div>
_______________________________________________
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic