NetBorder SS7 Gateway - SIP to SS7 Configuration Guide
- 1 Perform the First Boot/Initial Setup
- 2 Network Configuration
- 2.1 Network Setup
- 2.1.1 CAUTION:
- 2.2 Physical Network Interface Configuration
- 2.3 Appliance Network Interfaces
- 2.4 Selecting Default Route
- 2.5 Network Section
- 2.6 Interface Section
- 2.6.1 Network Role
- 2.6.2 Types
- 2.6.3 Ethernet Options
- 2.7 Virtual IP’s
- 2.8 IP Troubleshooting
- 2.9 Static Routes
- 2.9.1 Routing Table Status
- 2.10 VLAN
- 2.10.1 VLAN Configuration
- 2.10.2 VLAN Routes
- 2.11 Additional VLAN
- 2.11.1 VLAN Status
- 2.12 Date & Time Service Config
- 2.1 Network Setup
- 3 Initial Gateway Configuration
- 4 SS7 ISUP Configuration
- 5 Media Transcoding Configuration
- 5.1 Media Hardware
- 6 Applying Configuration
- 7 Dialplan
- 7.1 Dialplan Reload/Apply
- 7.2 PSTN to SIP Dialplan
- 7.3 Dialplan Syntax
- 7.3.1 Context
- 7.3.2 Extensions
- 7.3.3 Conditions
- 7.3.4 Multiple Conditions (Logical AND)
- 7.3.5 Multiple Conditions (Logical OR, XOR)
- 7.3.6 Complex Condition/Action Rules
- 7.3.7 Variables
- 7.3.8 Built-In Variables
- 7.3.9 Caller Profile Fields vs. Channel Variables
- 8 Starting the Gateway
Perform the First Boot/Initial Setup
Power Connection
Sangoma NSG comes with three types of power supplies
AC PSU
AC Single PSU (Default)
AC Dual-Redundant PSU
DC PSU
DC Dual-Redundant PSU
PSU Connection
Standard 110V or 220V, 50-60Hz connection.
Optional Dual-Redundant AC 110V or 220V, 50-60Hz connection.
Optional Dual-Redundant DC -48V
DC PSU Connection
Connecting cables to a power supply depends on the remote power source.
Power Source Type | Black Wire | Red Wire |
If power source -48V | -48V | 0V (Ground) |
If power source +48V | 0V (Ground) | +48V |
The PSU has voltage reverse protection.
If the red and black wires are connected the wrong way, the system will not power up. But there will be no damage to the PSU or the system.
VOLTAGE | DC -36V ~ -72V |
INPUT CURRENT: | 12.0A (RMS). FOR -48 VDC |
INRUSH CURRENT | 20A (Max) |
DC OUTPUT | 400W (Max) |
Establishing Initial WebGUI Connection
NSG factory settings are not very useful, as the Primary Ethernet port:eth0 is set to a static IP address. Proceed to connect to the NSG Appliance via Laptop’s web browser.
Connect the Primary Signaling Port: eth0 to a LAN Switch
Connect Laptop to LAN Switch
Configure Laptop to IP address: 192.168.168.1/24
Using Laptop web browser go to URL: http://192.168.168.2:81
Login via
Username: root, Password: sangoma
Change Password
After successful Login, please proceed to change the default password. Sangoma NSG appliance comes with default password.
For security reasons please change the password.
Select Password page from side/top System menu
Enter your new password
Press update to save
Console SSH Configuration
By default NSG systems come with SSH enabled. To configure ssh service
Select Services from side/top System Menu
Enable or disable Secure Shell service
Service | Description | Status |
Samba/Windows NetBIOS | Windows NetBIOS server | Not used / Not required |
MySQL | MySQL database | Not used / Not required |
Samba/Windows Server | Windows File server | Not used / Not required |
Time Server | Network Time Protocol | Should be configured and enabled. Note: There must be internet access to reach the NTP service. |
Web Server | web/httpd server | Not used / Not required |
Gateway Service | NSG VoIP to SS7 gateway | Do not configure it here Use Control Panel |
Logging Services | Syslog, logging service | Should be configured and enabled. |
Samba/Windows Winband | Not used/ Not required |
|
Secure Shell | SSH server | Should be configured and enabled. |
System Scheduler/Cron | System scheduler | Should be configured and enabled |
System Watch | System watch | Should be configured and enabled |
NSG License
Each NSG appliance comes with pre-installed license.
In case of upgrades, of expansions please contact Sangoma Sales.
To update NSG license
Select License from side/top Configuration Menu
NSG License from Sangoma Support
Upload the License into the NSG Gateway via the Upload Button The License page offers the detailed license overview.
License Variables | Description |
Name | Customer Name |
Customer Email | |
Reseller | Reseller Name |
License | NA |
SPC | SPC stands for: self point code It’s used to bind a specific set of point codes to the license. ANY: is a special value which allows use of an SPC value. |
MAC | System’s MAC address. License code checks the MAC address and confirmes if MAC is correct. One can check vs License Information section. |
CICS | Number of TDM channels allowed by the license. From example above CICs = 600 For RTP to TDM calls: License allows 600 calls For TDM to TDM calls: License allows 300 calls |
Network Configuration
Network configuration section only applies to Physical Network Interfaces: eth0 and eth1. It does not apply to VLAN IP and route configuration.
Network Setup
Physical network interfaces: eth0, eth1 are configured in the section
Configuration-> Settings-> IP Settings.
This section can only be used to modify/configure IP, Host, DNS information for Physical Network interfaces eth0 and eth1.
Default Route/Gateway
To configure a system default route through the IP Settings section, the appropriate interface role type to use is “External”. The External interfaces get associated to the default system route.
CAUTION:
There can only be ONE External network interface.
There can only be ONE system default route.
Static Routes
Static routes that apply to physical network interfaces eth0, eth1 should be configured in
Configuration-> Network -> IP Route section.
CAUTION:
Do not try to configure VLAN routes in this section. .
route configuration files are only meant to be used for eth0,eth1 interfaces.
Media Ethernet Interface: Transcoding
NSG comes with optional, media/codec transcoding hardware. The media transcoding hardware network interface is: eth2. The media transcoding network interface comes preconfigured with a 10.x.x.x ip address.
Configuration of the eth2 device should be performed in Configuration->Settings->Media.
CAUTION:
One should take this into account when assigning IP addresses to eth0,eth1 or VLAN interfaces. Confirm that ip address range set does not conflict with eth2 media transcoding network interface.
VLAN Config IP & Routes
VLAN’s can be configured in section Configuration-> VLAN
VLAN can be configured on top of eth0 and eth1 network interface only.
All VLAN related configuration such as IP address, VLAN ID and VLAN routes must be configured in VLAN configuration section only.
CAUTION:
Do not use Static IP Route section to create a VLAN routes.
Static IP Route section is only for physical interfaces eth0 and eth1.
VLAN Default Route
If a system default route needs to be configured via VLAN interface.
Configure the system default route in Configuration-> VLAN section.
Refer to the VLAN section below.
CAUTION:
Make sure that all physical network interfaces in IP Settings section are configured for role “LAN”. No physical network interface eth0, eth1 should be configured for role “External”. This would result in multiple system default routes.
Physical Network Interface Configuration
By default the NSG appliance pre-configured with 192.168.168.2/24 address on Primary Port (eth0). The IP address can be changed based as follows
Select IP Settings from side/top Configuration menu
Specify Firewall Mode and Hostname
Select Edit under eth0 and eth1 device and configure
NOTE
eth2 device is a Sangoma Transcoding device and should be modified.
eth2 device is configured in Configuration -> Media section of the GUI will configure this device
Appliance Network Interfaces
eth0
Primary Signaling Port
By default provisioned as static 192.168.168.2
By default allows access to ssh and management http
eth1
Secondary Signaling or Management Port
By default provisioned as static no IP address
By default allows access to ssh and management http
eth2
Sangoma transcoding DSP board
Provisioned using Media page. Do not modify in this section.
Selecting Default Route
NSG appliance should have a single default route. The default route is used to access Internet.
To configure a default route on eth0
Set the eth0 interface mode to External.
Refer to section below.
Network Section
VariableName | Input Options | Description |
Mode | Standalone – No Firewall | Firewall Disabled |
| Standalone | Firewall Enabled Warning: All active service ports must be explicitly enabled |
Hostname | String | A hostname is the full name of your system. If you have your own domain, you can use a hostname like nsg.example.com Alternatively, you can also make one up: gateway.lan, mail.lan. The hostname does require at least one period (.) |
Name/DNS Servers | Domain Name or IP address eg. 8.8.8.8 | On DHCP and DSL/PPPoE connections, the DNS servers will be configured automatically for your IP Settings. In these two types of connections there is no reason to set your DNS servers. Users with static IP addresses should use the DNS servers provided by your Internet Service Provider (ISP). If you are using Multi-WAN, please review the documentation on the topic of DNS servers. |
Interface Section
Network Role
When configuring a network interface, the first thing you need to consider is the network role in IP Settings. Will this network card be used to connect to the Internet, for a local network, for a network with just server systems? The following network roles in IP Settings are supported in NSG and are described in further detail in the next sections:
External - network interface with direct or indirect access to the Internet
LAN - local area network
Hot LAN - local area network for untrusted systems
DMZ - de-militarized zone for a public network
Option | Description |
External | Network interface with direct or indirect access to the Internet External interface is used as the system default route. WARNING: You should have only ONE external network interface. Usually eth0 is the external interface |
LAN | Connection to your local network Usually eth1 is the LAN interface |
Hot LAN | Hot LAN (or “Hotspot Mode”) allows you to create a separate LAN network for untrusted systems. Typically, a Hot LAN is used for: Servers open to the Internet (web server, mail server) Guest networks Wireless networks A Hot LAN is able to access the Internet, but is not able to access any systems on a LAN. As an example, a Hot LAN can be configured in an office meeting room used by non-employees. Users in the meeting room could access the Internet and each other, but not the LAN used by company employees. |
DMZ | In NSG, a DMZ interface is for managing a block of public Internet IP addresses. If you do not have a block of public IP addresses, then use the Hot LAN role of your IP Settings. A typical DMZ setup looks like: WAN: An IP addresses for connecting to the Internet LAN: A private network on 192.168.x.x DMZ: A block of Internet IPs (e.g from 216.138.245.17 to 216.138.245.31) NSG GUI has a DMZ firewall configuration page to manage firewall policies on the DMZ network. |
Types
Option | Description |
DHCP | For most cable and Ethernet networks, DHCP is used to connect to the Internet. In addition, your system will have the DNS servers automatically configured by your ISP when the Automatic DNS Servers checkbox is set. |
Static | If you have a static IP, you will need to set the following parameters: IP Netmask (e.g. 255.255.255.0) Gateway (typically ends in 1 or 254) Ethernet Options (able to force 100MB or 1000mb) |
PPPoE DSL | For PPPoE DSL connections, you will need the username and password provided by your ISP. In addition, your system will have the DNS servers automatically configured by your ISP when the Automatic DNS Servers checkbox is set. |
Ethernet Options
Setting custom Ethernet options such as disabling auto negotiation is done as part of the IP Settings.
Select IP Settings from side/top Configuration Menu
Specify Options field in order to add special configuration to this interface.
Options are any device-specific options supported by ethtool.
In above example the Ethernet device is set for 100Mb with negotiation disabled.
Options | [ speed 10|100|1000|2500|10000 ] [ duplex half|full ] [ port tp|aui|bnc|mii|fibre ] [ autoneg on|off ] [ advertise %%x ] [ phyad %%d ] [ xcvr internal|external ] [ wol p|u|m|b|a|g|s|d... ] [ sopass %%x:%%x:%%x:%%x:%%x:%%x ] [ msglvl %%d ] |
Virtual IP’s
NSG supports virtual IPs. To add a virtual IP address, click on the link to configure a virtual IP address and add specify the IP Address and Netmask. You will also need to create advanced firewall rules if the virtual IP is on the Internet
IP Troubleshooting
In most installs, the network cards and IP settings will work straight out of the box. However, getting the network up the first time can be an exercise in frustration in some circumstances. Issues include;
Network card compatibility
Invalid networks settings (username, password, default gateway)
Cable/DSL modems that cache network card hardware information
Static Routes
In some cases a static route must be defined for a specific network interface: eth0 or eth1. The static route support is done via File Editor
Select IP Route from side/top Configuration Menu
Add a custom route command
Save and Apply
The IP Route section only allows route add command syntax
Route File Name | Description |
Usage | Use to create static routes for Primary Signaling Ethernet Port:eth0 Usage: {-host|-net} Target[/prefix] [gw Gw] [metric M] [netmask N] [mss Mss] [window W] [irtt I] [mod] [dyn] [reinstate] [[dev] If] Example: #Route a class C network 10.133.20.0 via gw IP -net 10.133.20.0 netmask 255.255.255.0 gw 10.132.30.1 #Route a class B network 10.133.0.0 via gw IP -net 10.133.0.0 netmask 255.255.0.0 gw 10.132.30.1 #Route a class B network 10.133.0.0 via device eth0 -net 10.133.0.0 netmask 255.255.0.0 dev eth0 |
Routing Table Status
Select VLAN Status from side/top Overview Menu
Second table shows full system routing table.
VLAN
Virtual local area network, virtual LAN or VLAN is a concept of partitioning a physical network, so that distinct broadcast domains are created. NSG mark’s packets through tagging, so that a single interconnect (trunk) may be used to transport data for various VLANs.
A VLAN has the same attributes as a physical local area network (LAN), but it allows for end stations to be grouped together more easily even if not on the same network switch. VLAN membership can be configured through software instead of physically relocating devices or connections. Most enterprise-level networks today use the concept of virtual LANs(VLAN). Without VLANs, a switch considers all interfaces on the switch to be in the same broadcast domain
VLAN Configuration
Currently NSG only supports VLAN configuration via GUI
Select VLAN from side/top Configuration Menu
Copy in the VLAN configuration script below into the file editor
Save
On save the VLAN configuration will be applied
Proceed to VLAN Status confirm VLAN configuration
The VLAN network interfaces are created over physical network interface. Make sure that the physical network interface eth0 or eth1 are configured in IP Settings, before attempting to configure VLAN on top of them eth0 or eth1.
The Save/Apply post processing will display VLAN configuration status
Example of sample script that could be copied into the VLAN config startup script:
#Create
a VLAN device on eth0
interface with VLAN ID of 5 vconfig
add eth0 5
#configure VLAN device with IP/Net mask
ifconfig eth0.5 192.168.1.100 netmask 255.255.255.0 broadcast 192.168.1.255 up
#configure a default route within a vlan
route add –net 192.168.1.0/24 gw 192.168.1.1
#if system default route needs to go through VLAN
#Note that there can only be ONE system default route.
In the example above, a single VLAN was created
on top of the Primary Signaling Ethernet Port:eth0 with
VLAN ID=5 and
IP =192.168.1.100/24.
VLAN Routes
An optional route can be created to point to a gateway within a VLAN network
Only routes related to VLAN interfaces are allowed in the VLAN configuration section
If a system default route needs to go through a VLAN
Confirm that IP Settings interfaces are all set to LAN role.
As there can be only ONE system default route.
Additional VLAN
If more VLAN’s are needed, proceed to repeat the above steps for all VLANs.
When Save button is pressed:
The VLAN configuration will be applied
The script above will be executed line by line.
Status window will pop up with VLAN config status. If one of the lines fails, the pop up will report it.
Proceed to Overview -> VLAN status below to confirm VLAN and Route configuration
# vconfig
Expecting argc to be 3-5, inclusive. Was: 1
Usage: add [interface-name] [vlan_id]
rem [vlan-name]
set_flag [interface-name] [flag-num] [0 | 1]
set_egress_map [vlan-name] [skb_priority] [vlan_qos]
set_ingress_map [vlan-name] [skb_priority] [vlan_qos]
set_name_type [name-type]
* The [interface-name] is the
name of the ethernet card that hosts
the VLAN you are talking about.
* The vlan_id is the identifier
(0-4095) of the VLAN you are operating on.
*
skb_priority
is the priority in the socket buffer (sk_buff).
*
vlan_qos
is the 3 bit priority in the VLAN header
* name-type: VLAN_PLUS_VID
(vlan0005), VLAN_PLUS_VID_NO_PAD (vlan5), DEV_PLUS_VID (eth0.0005),
DEV_PLUS_VID_NO_PAD (eth0.5)
* bind-type: PER_DEVICE #
Allows vlan 5 on eth0 and eth1 to be unique. PER_KERNEL # Forces vlan 5 to be unique across all devices.
* FLAGS: 1 REORDER_HDR When this is set, the VLAN device will move
the ethernet header around to make it look exactly like a real
ethernet device. This may help programs such as
DHCPd which read the raw ethernet packet and make assumptions about the
location of bytes. If you don't need it, don't turn it on, because there will
be at least a small performance degradation.
Default is OFF
VLAN Status
Select VLAN Status from side/top Overview Menu
This page shows
All configured VLANs
System Routing table
Individual VLAN configuration
Individual VLAN IP information
Confirm that VLAN Interface contains the correct IP address.
If the IP address is not set, the VLAN configuration has not been set properly
Date & Time Service Config
The Date/Time configuration tool allows you to:
Select your time zone
Synchronize your clock with network time servers
Enable/disable a local time server for your network
Note that you need to configure your IP address and default route in order to be able to use a default time server that is located on the internet.
To configure:
Select Date from side/top System menu
Refer below to all available options
Option | Description |
Date/Time | The system date, time and time zone information is displayed for informational purposes. Please make sure it is accurate since it is not unusual to have computer clocks improperly set on a new installation. |
Time Zone | It is important to have the correct time zone configured on your system. Some software (notably, mail server software) depends on this information for proper time handling. |
NTP Time Server | An NTP Time Server is built into NSG. |
Time Synchronization | Hitting the Synchronize Now button will synchronize the system's clock with network time servers. |
Initial Gateway Configuration
NSG by default contains following VoIP/TDM Sections
Global Gateway Config
Configured in Global gateway section.
Used to configure SIP, RTP, RADIUS options.
SIP/RTP
Configured in Global Gateway section
SIP profile is always started
MG
Configured in MG gateway section
MG Termination ID’s are mapped to TDM channels in TDM gateway section.
For full MG configuration one must configure MG and TDM sections.
SS7
Configured in TDM gateway section
ISUP Termination
M2UA Signaling Gateway
Media/Transcoding
Configured in Media gateway section
Enable and select hw codec support
Note: HW transcoding is an optional feature.
Dialplan
Used for SIP to TDM
Note: Dialplan is not used in MG/Megaco/H.248 mode.
Apply
All configuration files are saved to disk at this step.
Above configuration sections only save information in local database.
NSG Gateway can be started in Control Panel after this step
TDM Status can be used to monitor Gateway Status.
Global Gateway Configuration
Select Global from side/top Configuration Menu
Change a SIP global variable and Click on Save (Disk Icon)
Proceed to Control Panel and Restart the VoIP Gateway.
Field Name | Possible Values | Default Value | Description |
gwuser | Any string | Sangoma | NSG SIP incoming registration authentication user name.
For security reasons, make sure to change these default settings. |
gwpassword | Any string | Sangoma | NSG SIP incoming registration authentication password
For security reasons, make sure to change these default settings |
outbound_caller_name | Any string | Netborder SS7 to VoIP Media Gateway | Global caller id name defaults (used if no caller id name is present on the call) for both PSTN and SIP |
outbound_caller_id | Any digits | 9054741990 | Global caller id defaults (used if no caller id is present on the call) for both PSTN and SIP |
sip_port | Any port number | 5062 | SIP service local port number. |
sip_ip | Any ip address | System IP | SIP service, local IP address. By default a local system eth0 address is taken as default ip address. |
sip_dtmf_type | rfc2833 info none | rfc2833 | rfc2833 - DTMF passed via RTP oob message info - DTMF passed via SIP INFO message none - DTMF passed via inband media |
rfc2833_pt | Any number | 101 | rfc2833 rtp payload type override. Ability to set the RTP payload type for rfc2833. Use d edge cases where remote equipment is not per spec. |
sip_user_agent | Any string | Netborder SS7 to VoIP Media Gateway 4.0 | SIP INVITE user agent name string. |
rtp_start_port | Any port | 21000 | RTP port starting range value. NSG will pick RTP ports for each call within this range. |
rtp_end_port | Any port | 31000 | RTP port stop range value. NSG will pick RTP ports for each call within this range |
pstn_default_group | g1,g2,g3,g4 …. | g1 | Default pstn dial group number, in case the group is not specified in the dial string. |
radius_auth_host | Any ip address:port | 10.199.0.3:1812 | Location of the Radius server, that will be used to authenticate incoming calls. |
radius_auth_secret | Any string | testing123 | Password of the remote Radius server. |
SS7 ISUP Configuration
SS7 is a signaling protocol, it is used to carry call control information such as call start, call progress, call hang-up etc. The SS7 call control information is used to control arbitrary number of voice channels that are carried using T1/E1 spans.
In a typical SS7 setup the telco will provide you with SS7 information that will be used to map T1/E1 physical spans and channels into SS7 call control information.
The NSG TDM SS7 configuration page has been designed as bottom up SS7 configuration approach.
Identify T1/E1 spans on your system
For each T1/E1 span on your system:
Determine which T1/E1 spans will carry SS7 Link channels
T1/E1 Span can either carry an
SS7 Link in one of its channels or
All T1/E1 channels can be used to carry voice.
Configure T1/E1 physical configuration parameters
Identify if T1/E1 span carries SS7 link or is Voice Only
If T1/E1 span has an SS7 link associate with it:
Create a new SS7 Link
Next step is to bind the new SS7 Link to an SS7 Linkset.
If an SS7 Link set does not exist, Create a new SS7 Link Set
Then bind the SS7 Link to an existing or new SS7 Link Set
Next step is to bind the SS7 Linkset into an SS7 Route.
If an SS7 Route does not exist, Create a new SS7 Route
Then bind the SS7 Linkset to an existing or new SS7 Route
Next step is to bind the SS7 Route into an SS7 ISUP Interface