Effective Deployment and Migration Strategies of IP PBX
Alfredo Rizzo
Adapt
www.teamadapt.com 773.634.2044
What Was Holding VOIP Back?
• Proprietary Protocols
• Lack of Features
• Reliability Perceptions
• Legacy Integration Models
• Cost of End Points
• Declining Traditional Costs (LD)
• Lack of Applications Convergence
• Remote Survivability
Session Outline
• Define and Understand "Quality of Service"
  – What are the Issues Affecting QoS
• Network Exposure and Security
  – What is the impact of NATs and Firewalls on a VoIP Implementation
• Issues when Integrating with Existing / Legacy Infrastructure
• Preparing Your Network
  – Cabling
  – Network Core
  – Power
  – Remote Survivability
Define and Understand “Quality of Service” (“QoS”)
• Define “Quality”
• What are the Issues Affecting Quality?
  – Delay (Latency)
  – Jitter
  – Bandwidth
• Define QoS
  – Define Packet Shaping
  – Where and How to Implement QoS
  – LAN vs. WAN
  – Monitoring and Reporting
Define and Understand “Quality”
What is Quality? Quality is a characteristic that can only be measured in words, not numbers. A phone call can be “good”, “noisy”, “jittery” or “unintelligible”.
A way of measuring Quality
• A group of users make calls and rate them “Excellent”, “Fair”, “Poor”, etc. The quality of the calls will be the average of all their scores, or the Mean Opinion Score (MOS).
• The European Telecommunications Standards Institute (ETSI) developed an accepted way of measuring voice quality called the “E-Model”, which is based on the MOS.
Delay can Affect Quality
• Delay (Latency) is defined as:
  – the amount of time it takes for sound from a talker’s mouth to arrive at the listener’s ear.
• The maximum amount of delay that is acceptable for a one-way transmission is described by the International Telecommunication Union in Document G.114.
G.114
ITU Recommendation (in ms) | Private Network Recommendation (in ms) | Description
0 – 150 | 0 – 200 | Acceptable for most applications
150 – 400 | 200 – 250 | Acceptable provided that the administrators are aware.
400+ | 250+ | Unacceptable
Manage Your Delay Budget
• Serialization Delay - the speed at which the router processes each packet. This adds precious milliseconds to the delay budget. Older, slower routers are not recommended for voice applications.
• Packetization Delay - the amount of time it takes for the telephony device (IP Phone, Router, IP PBX) to packetize the audio sample.
• Propagation Delay – the amount of time it takes for packets to travel down the medium.
Jitter
– Variation in delay
– Caused by network congestion
– Jitter buffer overruns can occur
Bandwidth
• How much is enough for IP Telephony?
  – Depends on:
    • Number of simultaneous sessions
    • Codec(s) used
    • Will Voice Activity Detection (VAD) be used?
    • Transport Protocol (cRTP, etc.)
    • Control Protocol (RTCP)
    • Data Link Protocol (Ethernet, Serial, ATM, Frame)
  – Very different considerations for LAN vs. WAN
Calculating Required Bandwidth
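An added worked example, not part of the original slides: a calculator that combines the factors listed on the Bandwidth slide (sessions, codec, VAD, cRTP, RTCP, data link). The Layer 2 overhead figures, the 2-byte cRTP header and the function names are assumptions chosen for illustration; substitute the values for your own links.

```python
CODEC_BPS = {"G.711": 64000, "G.729": 8000}   # codec payload bit rates
IP_UDP_RTP_BYTES = 40                         # 20 IP + 8 UDP + 12 RTP
CRTP_BYTES = 2                                # assumed compressed header size
# Assumed per-packet Layer 2 overhead in bytes (excludes preamble and gaps).
L2_BYTES = {"ethernet": 18, "ppp": 6, "frame_relay": 6}

def per_call_bps(codec, ptime_ms=20, link="ethernet", crtp=False):
    """Bits per second for one direction of one call, headers included."""
    payload = CODEC_BPS[codec] * ptime_ms // 8000      # bytes per packet
    header = CRTP_BYTES if crtp else IP_UDP_RTP_BYTES
    packet_bits = (payload + header + L2_BYTES[link]) * 8
    return packet_bits * 1000 // ptime_ms              # packets per second = 1000/ptime

def link_bps(calls, codec, ptime_ms=20, link="ethernet", crtp=False,
             vad_savings_pct=0, rtcp_pct=5):
    """Bandwidth to provision for `calls` simultaneous sessions.

    vad_savings_pct is an assumed average reduction from silence suppression;
    rtcp_pct adds the RTCP control traffic as a share of the media rate.
    """
    voice = calls * per_call_bps(codec, ptime_ms, link, crtp)
    voice = voice * (100 - vad_savings_pct) // 100
    return voice * (100 + rtcp_pct) // 100

if __name__ == "__main__":
    print("G.711 on the LAN:", per_call_bps("G.711"), "bps per call")
    print("G.729 + cRTP on PPP:", per_call_bps("G.729", link="ppp", crtp=True))
    print("10 WAN calls:", link_bps(10, "G.729", link="ppp", crtp=True))
```

The gap between the G.711 LAN figure and the G.729 with cRTP WAN figure is why the slides treat LAN and WAN as very different sizing problems.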
Quality of Service (QoS)
• Quality Of Service (QoS) refers to the mechanisms in the network that make the actual determination of which packets have priority.
• QoS policies give priority to traffic based on their relative importance to the business.
• However, this only prioritizes traffic; it does not guarantee a level of bandwidth. Without guaranteed bandwidth, high priority applications will still experience performance degradation.
Traffic Shaping
• Traffic shaping can be used to actually guarantee bandwidth for certain types of traffic and limit available bandwidth for others. Traffic shaping can provide an effective way to prevent congestion, minimizing the impact of rogue traffic on mission-critical applications.
LAN Settings
• Where do I “tag” my packets?
  – The VoIP endpoint can tag the packet, and the switch can trust its tagging
  – It is easiest to tag at the switch ports, if those are used exclusively for VoIP devices
  – This avoids router packet inspection – all they must do is maintain the tags and enforce them (or a separate packet shaper can)
• LAN-only traffic can use G.711, no VAD
  – Less packetization delay
  – Less expensive hardware
WAN Settings – Manage your Scarcest Resources Most Efficiently
WAN Settings
• Can your router do traffic shaping or do you need an external device?
• If using frame relay, you can use separate PVCs for voice and data, and thus guarantee your required voice bandwidth
• Protocol selection and compression algorithms are very important
Monitoring and Reporting
• Many packages available
• Allows you to do “what if” scenarios
• Allows you to report on QoS performance and adherence to requirements
• Allows you to plan for future growth
What Can Affect QoS
• Bad design/planning, resulting in:
  – Inadequate network equipment to enforce QoS and shape traffic
  – Insufficient bandwidth
  – Incorrect assumptions regarding bandwidth-affecting factors
  – Insufficient management/reporting tools – you must inspect what you expect
• Lack of end-to-end adherence
  – Within your network
  – Within others’ (carriers, etc.) networks
Network Exposure and Security
• What is the impact of NATs and Firewalls on a VoIP Implementation?
  – Significant
  – Security issue – many VoIP protocols use clear text messaging
  – When extending VoIP service to remote and home offices, you must consider VPNs, which provide encrypted tunneling
Firewalls and NAT
• Let’s consider the audience – carriers and enterprises that will provide both the VoIP and IP services to users. You control the firewalls and NATs.
What’s the Problem with NAT?
• VoIP protocols for session control (SIP, H.323, MGCP, MEGACO) are Application Layer protocols
• But IP addressing operates at the Network Layer (Layer 3), and NAT devices change the address there, not the address carried inside the Application Layer message.
  – Now the VoIP message (in UDP) comes back to the sender’s public address, and is discarded.
What’s the problem with Firewalls?
• Firewalls control all TCP and UDP port availability through policies.
• Typically only certain ports (static) are allowed from certain source addresses to certain destination addresses
• But VoIP sessions use a dynamically generated port address just for that session. No two sessions will use the same port address at the same endpoint (i.e., IP PBX).
What Can We Do?
• The IETF has come up with two ways of getting around these problems:
  – MIDCOM (RFCs 3303, 3304)
  – STUN (RFC 3489)
• UPnP – created by an industry consortium, primarily with the goal of solving this puzzle in home networks that use a NAT device for outside communications. OS-dependent.
Middlebox Communications (MIDCOM)
• MIDCOM is an IETF protocol that allows an intermediate piece of hardware to mediate the SIP (or H.323, FTP, etc.) session, thereby getting around the problems of NAT.
• Architecture - http://www.ietf.org/rfc/rfc3303.txt
VoIP, NATs, and Firewalls
STUN
• Simple Traversal of UDP Networks
• A temporary solution until MIDCOM reaches widespread adoption
• A service that can run on a server, or on a piece of dedicated hardware
• Its only job is to translate the UDP packets so the audio stream can make it to its intended destination.
• Does not work with inbound-initiated sessions
STUN
• Simple Protocol
• Works with Existing NAT
• Main Features
  – Allows Client to Discover Presence of NAT
  – Works in Multi-NAT Environments
  – Allows Client to Discover Type of NAT
    • Symmetric
    • Full Cone
    • Restricted Cone
    • Port Restricted Cone
  – Allows Discovery of Binding Lifetimes
  – Allows Clients to Discover if They are in the Same Address Realm
  – Stateless Servers
STUN – Binding Acquisition
• Client sends STUN Request to Server
  – STUN Server can be ANYWHERE on Public Internet
• STUN Server Response
• Client knows Public IP for that Socket
• Client Sends INVITE Using that IP to Receive Media
• Call Flow Proceeds Normally
  – No Special Proxy Functions
• Media Flows End-To-End
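An added example, not from the original slides, of the first three steps above: building an RFC 3489 Binding Request and reading the public address out of the server's MAPPED-ADDRESS attribute. The function names and the sample response bytes are constructed for illustration; the parser checks the transaction ID and length fields so that stale, unsolicited or malformed replies are rejected instead of being used in the INVITE.

```python
import ipaddress
import os
import struct

BINDING_REQUEST, BINDING_RESPONSE = 0x0001, 0x0101  # RFC 3489 message types
MAPPED_ADDRESS, FAMILY_IPV4 = 0x0001, 0x01
HEADER = struct.Struct("!HH16s")  # type, body length, 128-bit transaction ID

def build_binding_request(transaction_id=None):
    """Return (packet, transaction_id) for a Binding Request with no attributes."""
    tid = transaction_id or os.urandom(16)
    return HEADER.pack(BINDING_REQUEST, 0, tid), tid

def parse_binding_response(packet, expected_tid):
    """Return the (public_ip, public_port) the server saw, from MAPPED-ADDRESS."""
    if len(packet) < HEADER.size:
        raise ValueError("shorter than a STUN header")
    msg_type, body_len, tid = HEADER.unpack_from(packet)
    if msg_type != BINDING_RESPONSE:
        raise ValueError("not a Binding Response")
    if tid != expected_tid:  # reject stale or unsolicited replies
        raise ValueError("transaction ID mismatch")
    if body_len != len(packet) - HEADER.size:
        raise ValueError("length field disagrees with packet size")
    offset = HEADER.size
    while offset + 4 <= len(packet):
        attr_type, attr_len = struct.unpack_from("!HH", packet, offset)
        value = packet[offset + 4:offset + 4 + attr_len]
        if len(value) != attr_len:
            raise ValueError("truncated attribute")
        if attr_type == MAPPED_ADDRESS:
            if attr_len != 8:
                raise ValueError("bad MAPPED-ADDRESS length")
            _pad, family, port, addr = struct.unpack("!BBH4s", value)
            if family != FAMILY_IPV4:
                raise ValueError("unexpected address family")
            return str(ipaddress.IPv4Address(addr)), port
        offset += 4 + attr_len
    raise ValueError("no MAPPED-ADDRESS attribute")

def behind_nat(local_ip, mapped_ip):
    """A NAT is present when the server saw a different source address."""
    return local_ip != mapped_ip

# Constructed sample reply: server saw the request arrive from 203.0.113.7:40000.
SAMPLE_TID = bytes(range(16))
SAMPLE_RESPONSE = HEADER.pack(BINDING_RESPONSE, 12, SAMPLE_TID) + struct.pack(
    "!HHBBH4s", MAPPED_ADDRESS, 8, 0, FAMILY_IPV4, 40000,
    ipaddress.IPv4Address("203.0.113.7").packed)

if __name__ == "__main__":
    ip, port = parse_binding_response(SAMPLE_RESPONSE, SAMPLE_TID)
    print(ip, port, "NAT" if behind_nat("192.168.1.20", ip) else "no NAT")
```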
More Help is on the Way
• RFC 3581 - Making SIP “NAT Friendly”
  – “This extension defines a new parameter for the Via header field, called "rport", that allows a client to request that the server send the response back to the source IP address and port from which the request originated.”
  – Addresses SIP only, not RTP or other session control protocols
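An added sketch, not from the original slides, of the server-side handling the RFC 3581 quote describes: fill in the valueless "rport", record the observed source in "received", and reply to that address and port. The function name and sample Via values are hypothetical, and the parser assumes an IPv4 or hostname sent-by (no bracketed IPv6).

```python
DEFAULT_SIP_PORT = 5060

def process_top_via(via_value, src_ip, src_port):
    """Return (rewritten Via value, (reply_ip, reply_port)) for a request.

    via_value is the topmost Via field value without the "Via:" name;
    src_ip and src_port are what the server observed on the wire.
    """
    head, *params = [part.strip() for part in via_value.split(";")]
    _transport, sent_by = head.split(None, 1)
    host, _, port = sent_by.partition(":")
    sent_port = int(port) if port else DEFAULT_SIP_PORT
    wants_rport = any(p.lower() == "rport" for p in params)
    # Drop client-supplied received/rport values: only the addresses the
    # server itself observed are written back into the header.
    kept = [p for p in params
            if p.split("=")[0].strip().lower() not in ("rport", "received")]
    if wants_rport:
        # RFC 3581: always add received, set rport to the source port.
        kept += [f"received={src_ip}", f"rport={src_port}"]
        reply_to = (src_ip, src_port)
    elif host != src_ip:
        # Plain SIP: reply to the observed address but the sent-by port,
        # which a NAT has usually remapped, so the reply is lost.
        kept.append(f"received={src_ip}")
        reply_to = (src_ip, sent_port)
    else:
        reply_to = (host, sent_port)
    return ";".join([head] + kept), reply_to

if __name__ == "__main__":
    # Constructed request from a phone at 192.168.1.20 behind a NAT.
    via = "SIP/2.0/UDP 192.168.1.20:5060;branch=z9hG4bK74bf9;rport"
    print(process_top_via(via, "203.0.113.7", 40000))
```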
Application Layer Gateways (ALG)
• Firewall / NAT devices that give special treatment to VoIP streams.
• Can perform RTP Relay
Issues when Integrating with Existing/Legacy Infrastructure
• Support for analog devices
• Tie lining to legacy PBX – need a gateway?
• Coordinating extension and dial plans (no news here)
• Messaging
  – who does it? Will need cover paths and pilot numbers into TUI.
  – If both do it, will you replicate?
    • AMIS – Audio Messaging Interchange Specification
    • VPIM – Voice Profile for Internet Mail
New Issues
• Emergency Service (911/E911)
  – Do you need to provide 911 service for telecommuters and remote offices? What happens if they dial 911 from their IP Phone?
  – When the number follows the user, should the 911 info follow too? Who keeps that information?
  – Some states require businesses with PBX equipment to pass 911 information to the PSAP based on the user’s location
Preparing Your Network
• Cabling
• Network Core
• Power
• Remote Survivability
Cabling
• Cabling options:
  – Separate CAT5 jacks for each IP phone/device.
    • More wiring
    • Less expensive phones
    • Less switch configuration
  – Same CAT5 jack for phone and PC
    • Less wiring
    • More expensive phones
    • More switch configuration (inter-switch trunking)
    • If you reboot your phone, your PC loses its network connection
Network Core
• Switches must support QoS
• Consider switch redundancy options
• Voice should go on separate VLANs
• Configuring phones –
  – DHCP for IP address assignment
  – Mostly TFTP for configuration file download
  – new RFC for SIP information through DHCP
Power
• Typically, you must maintain power to phones for several hours in the event of an outage
  – 911 calling
  – Business continuity, at least to a subset of phones
• Possible solutions
  – PoE – Power over Ethernet – IEEE 802.3af
    • Powered Switches
    • In-line Powered Patch Panels
  – FXS Media Gateways in the closet (with UPS)
  – UPSs on all phones
Remote Survivability
• Phones must be able to “get out” in the event that a WAN link connecting them to their IP PBX goes down
• Can be vendor-specific or standards-based
• 911 – ANI must reflect correct address to PSAP
Questions / Comments