Master DNL Class4
  • Introduction
  • Configure a new Class 4 instance
    • Setup Admin Access
    • First Time Login
    • Setup SIP Switch
  • Your First Call with Class 4 Fusion
    • Create Vendor Rate Table
    • Create Termination Vendor
    • Create Egress Trunk
    • Create Dynamic Route
    • Create Routing Plan
    • Create Client Rate Table
    • Create Termination Client
    • Create Ingress Trunk
    • Simulate Your Call
  • Support Contact
  • eLearning
  • Bug Reporting Process
  • Hardware Sizing
  • Licensing
  • Installation
    • Install with Tarball
    • Install with RPM
      • Step by Step Guide
    • Install with AWS
    • Install with Google Cloud
    • Distributed Architecture
      • Switch Server
        • dnl_live_monitor
        • dnl_tool
        • dnl_livecall
        • dnl_softswitch
        • dnl_watchdog
        • dnl_cloud
      • Web UI
        • dnl_web_helper
    • Troubleshoot Your Installation
    • Setup SSL on Web UI
    • LAN IP Setup for Virtual Machine
    • Change IP/MAC Address
    • Validate Your Installation
      • Check dnl_softswitch log
    • Configuring DNL softswitch
    • Setup Selinux
  • Configuring Stir/Shaken
    • Generating Certificate with Peeringhub.io
  • Upgrade an Existing Installation
    • Update an Existing Installation
      • Update with Tarball
      • Update with RPM
  • Stir Shaken
    • Introduction
    • Configure Class 4
    • Configure Stir Shaken in DB
    • Configure Ingress Trunk
    • Configuring Egress Trunk
    • Basic Configuration Example
    • Validation of Stir/Shaken Setup
    • Setup External AS/VS connectivity
  • Basic Switch Configuration
    • Integrate Class 4 to Google SMTP
    • Customize your logo
    • Customize Domain Name
    • Customize email template
    • Customize invoice template
    • Configuring Payment Gateway
      • Stripe Configuration
      • Paypal Configuration
    • Configuring CDR and PCAP Backup
      • Google Cloud Setup
    • Configuring SIP Registration
    • Configuring LRN
  • Quick Setup for Termination Traffic
    • Create Termination Vendor
      • Specify IP to send to egress
    • Create Termination Route
      • Routing Plan
      • Static Route
      • Dynamic Route
    • Create Termination Client
    • Test with Call Simuation
    • Test Calls with SIP Client
    • Check CDR
  • Quick Setup for Origination Traffic
    • Introduction
    • Create DID Vendors
    • Create DID Billing Plan
    • Create DID Clients
    • DID Repository
    • Assign DID to Client
    • Test Calls with Call Simulation
    • Setup for your client to buy DIDs from portal
  • Data Access
    • Postgres Database
      • Obtain Report Data from DB
      • Obtain CDR from DB
    • Raw Switch Data
      • CDR Data
        • Release Cause Definition
      • PCAP Data
      • Auto Data Cleanup
  • System Administration
    • Modules
    • Start and Stop
    • Logging
    • Software Updates
    • Setup additional dnl_softswitch
    • Add Additional IP to Switch
    • Configure SIP Cause Code and Q850 Mapping
    • Enable Media Proxy
  • Class 4 API
    • Authorization
    • Class4 API
  • Troubleshooting
    • Calls are failure
    • Change Q850 in 4xx/5xx
    • One-way Audio with SIP Client Testing
      • Using Zoiper to resolve NAT issue
  • Automatic Call Blocking
    • Introduction
    • Youmail Blocking
    • DNC Blocking
    • LERG Blocking
Powered by GitBook
On this page

Was this helpful?

  1. Stir Shaken

Configure Stir Shaken in DB

Trunk setting can be defined in Class 4 DB. The name of the table is "resource." The resource DB table has fields for configuring stir shaken signing and verificaiton methods.

  • resource.shaken_sign_policy - conditions on which switch is allowed sign the call (for ingress trunks):

0 - Never sign calls 
1 - Sign only US numbers 
2 - Sign any telephone number (URI is not allowed) 3 - Sign only numbers from the pool
  • resource.shaken_vfy_policy (for ingress trunks) - conditions to block calls:

0 - None: do not block calls based on shaken identity 
1 - Reject the call if Identity is missing 
2 - Reject the call if Identity is missing or invalid 
3 - Pass through: allow all calls (same as 0)
  • resource.shaken_vfy_policy (for egress trunks) - conditions to route the call to egress:

0 - None: route all calls; do not sign/validate 
1 - Block if missing: route the call if Identity is provided in the inbound INVITE, or if it can be created. Do not perform validation. 
2 - Block if invalid: route the call if inbound INVITE contains a _valid_ identity, or if inbound INVITE does not contain Identity but ingress sign policy allows to create one 
3 - Pass through: if inbound INVITE does not have Identity, try to sign the call, if ingress allows it. Otherwise - pass the call as is, performing signature validation.
  • resource.shaken_allow_resign (for ingress trunks):

If inbound INVITE contains an Identity, inside of which ANI/DNIS do not match outbound INVITE, switch is allowed to create a new signature. This flag takes effect if egress shaken_vfy_policy is "Block if invalid" or "Pass through", and if ingress sign policy allows to sign calls.
  • resource.shaken_p_headers - put SHAKEN signature parameters into INVITE headers (for egress trunks):

0 - None 
1 - Regular: put verstat into P-Asserted-Identity header 
2 - Extended: put verstat into P-Asserted-Identity header; origid into P-Origination-ID; attestation level into P-Attestation-Indicator

Verstat value contains signature validation status, which should be shown on user's device. Since validation is configurable, the value depends on egress's vfy policy. vfy_policy - possible verstat values:

0 - No-TN-Validation 
1 - No-TN-Validation 
2 - TN-Validation-Passed 
3 - No-TN-Validation / TN-Validation-Passed / TN-Validation-Failed (depending on signature validation status)
PreviousConfigure Class 4NextConfigure Ingress Trunk

Last updated 2 years ago

Was this helpful?