Making ACI Configurations Consistent
Scenario: We have a CUCM cluster servicing disparate geographic locations and want to use the Local Route Group (LRG) feature for PSTN call routing. We also want to ensure that PSTN calls are routed to an alternate gateway if the local gateway is not available. To do this, we will globalize PSTN calls, apply call routing, and then use Called Party Transformation Patterns to localize calls at each gateway based on PSTN requirements.
At this point, we have the following:
User dials a PSTN pattern -> Call is globalized to an E.164 pattern -> Call is routed to a PSTN gateway
Without further configuration, a local call to 5551000 at Site 1 will first be sent to the local gateway as +12025551000; however, the local PSTN requirement is 7-digit dialing. If the local gateway were unavailable, this call would be routed to Site 2; however, the PSTN requirement for routing the call out of the Site 2 gateway might be 1+10 digit (long distance) dialing. In either case, we need to localize the call and verify the digit manipulation.
To route local calls out of the local gateway at Site 1 as 7-digit local calls, we add the following CUCM configurations:
Now we have an example of why and how you might use Called Party Transformation Patterns but we want to know that it works. As I said earlier, DNA is a great tool but it doesn’t work for everything and it’s nice to verify that a configuration is working end-to-end as expected sooner rather than later in the build process, if possible. You can still use DNA to verify the basic call routing; however, you won’t see the transformed number applied at the gateway in the DNA output.
Verify Digit Manipulation: To verify that proper digit manipulation is being applied when using Called Party Transformation Patterns as outlined above, you can use the “debug voice ccapi inout” IOS debug command. Using the example above, let’s login to the local PSTN gateway for Site 1 and verify that localization works for local 7-digit calls routed to the local gateway:
In the debug output, you can see that the Destination and Called Number have been localized to 7-digit patterns. Using the logic/approach defined above, we would just need to add configurations to complete the CUCM build/deployment.
Making ACI Configurations Consistent
Six Tips to Help with Your Next Configuration Audit
Does Security Belong Near Endpoints?
Nick has over 20 years of experience in Security Operations and Security Sales. He is an avid student of cybersecurity and regularly engages with the Infosec community at events like BSides, RVASec, Derbycon and more. The son of an FBI forensics director, Nick holds a B.S. in Criminal Justice and is one of Cisco’s Fire Jumper Elite members. When he’s not working, he writes cyberpunk and punches aliens on his Playstation.
Virgilio “Bong” has sixteen years of professional experience in IT industry from academe, technical and customer support, pre-sales, post sales, project management, training and enablement. He has worked in Cisco Technical Assistance Center (TAC) as a member of the WAN and LAN Switching team. Bong now works for Tech Data as the Field Solutions Architect with a focus on Cisco Security and holds a few Cisco certifications including Fire Jumper Elite.
John is our CTO and the practice lead for a talented team of consultants focused on designing and delivering scalable and secure infrastructure solutions to customers across multiple industry verticals and technologies. Previously he has held several positions including Executive Director/Chief Architect for Global Network Services at JPMorgan Chase. In that capacity, he led a team managing network architecture and services. Prior to his role at JPMorgan Chase, John was a Distinguished Engineer at Cisco working across a number of verticals including Higher Education, Finance, Retail, Government, and Health Care.
He is an expert in working with groups to identify business needs, and align technology strategies to enable business strategies, building in agility and scalability to allow for future changes. John is experienced in the architecture and design of highly available, secure, network infrastructure and data centers, and has worked on projects worldwide. He has worked in both the business and regulatory environments for the design and deployment of complex IT infrastructures.