
WIN-T Inc 1a Delta - Noodlez.org Courses... · • Slight delay in establishing link connection....

Date post: 24-Aug-2020

WIN-T Inc 1a Delta

DMVPN, Voice Over IP, CCM

Volume 2

Table of Contents

Chapter 1 Dynamic Multi-Point Virtual Private Networks
Chapter 2 Layer 2 Switching and VLANs
Chapter 3 Voice Overview
Chapter 4 Cisco Call Manager Basic Configuration
Chapter 5 Cisco Call Manager Basic Features
Chapter 6 Cisco Call Manager Advanced Features
Chapter 7 Quality of Service
Chapter 8 Appendix


Dynamic Multi-Point Virtual Private Networks

DMVPN


JNN Network – Satellite Backbone

[Diagram labels: Hub Node (Div/Corps), JNN (BCT), Bn CPN (Battalion level unit), STEP, Ku TDMA, Ku FDMA, DISN/GIG, DISN/GIG (cable)]

The JNN network utilizes a Ku Band commercial satellite network for the backbone interconnectivity of its systems. Both Time Division Multiple Access (TDMA) and Frequency Division Multiple Access (FDMA) are utilized. The JNN network architecture is composed of three primary elements:

1. Unit Hub Node (UHN)
2. Joint Network Node (JNN)
3. Battalion Command Post Node (Bn CPN)

These systems provide communications support to the various elements within an Army Division.

The UHN is located at the Division and/or the Corps element. It provides connectivity to the Defense Information Systems Network (DISN) and the Global Information Grid (GIG). The UHN utilizes both FDMA and TDMA satellite connectivity.

The JNN is located at the Brigade Combat Team (BCT) element. It serves as a distribution point for the various systems within the BCT and provides direct network services for the Brigade headquarters elements. The JNN can utilize both TDMA and FDMA satellite connectivity. It has a single FDMA link, which is usually reserved for connectivity to the UHN.

The Bn CPN provides direct network access to users within a Battalion element. It utilizes only TDMA satellite connectivity. It has permanent links to the UHN and/or JNN and can establish on-demand connections to other CPNs within the BCT.


Why Satellite?

• Allows for beyond line of sight (BLOS) extension.

• Accessible from virtually anywhere on the battlefield.

• No need for extensive “link” planning for installation of ground systems at a new location.

• Scales well for maneuver units.

• Current ground equipment readily transportable.

The use of satellite communications by the JNN network allows for the installation and operation of a very flexible intra-network backbone for its users.

Tactical line of sight (LOS) radio systems are normally limited to a maximum range of approximately 40 miles. This limits the area on a battlefield that maneuver units can cover. With satellite, two systems can establish a radio link as long as they are within the earth “footprint” of the satellite coverage. This coverage can be rather large, allowing systems to be hundreds of miles apart.

LOS radio link installation requires extensive planning and engineering utilizing complex computer programs to provide a “profile”. It is not always possible to establish an LOS radio link between two locations. Whenever LOS radio systems are moved to a new location, this link planning must be conducted again prior to the installation of the new radio link. Satellite, on the other hand, requires initial link planning for the installation of radio links. Once this is done, systems can move almost anywhere within the footprint and reestablish the radio link. Additionally, there are virtually no limits to establishing a satellite link as long as there is a clear line of sight path between the earth system and the satellite.

With the flexibility noted above, satellite based systems serve well in meeting the needs of Army combat units. As changes occur on the battlefield and units are required to move, satellite based systems provide them the ability to rapidly terminate and reestablish communications in a minimal amount of time.

The current satellite systems utilized with the JNN systems are mounted on a tactical two wheeled trailer pulled by a HMMWV. This makes the system readily transportable for tactical maneuver units.


FDMA

• Users xmit on one carrier frequency and receive on another.
• 2 carriers per full duplex link (point to point).
• Scales poorly - inefficient use of space segment.
• Does not support ad hoc networking.
• Dedicated bandwidth, not shared.
• No delay for link connection.

TDMA

• Users share carrier(s) for both xmit and receive.
• Additional carriers can be defined to support network growth.
• Scales well – efficient use of valuable space resource.
• Supports ad hoc networking well.
• Bandwidth is a shared resource, not dedicated.
• Slight delay in establishing link connection.

Space Segment Usage/Efficiency

* Space segment efficiency directly related to type of modulation/encoding used.

Provided by BCBL(G)

Frequency Division Multiple Access: FDMA is a traditional technique whereby earth stations transmit simultaneously on different pre-assigned frequencies, into a common satellite transponder. In addition, the FDMA carrier is allotted a certain amount of bandwidth. This carrier is constantly being transmitted to the satellite, processed by it, and retransmitted back to earth by it regardless of user traffic. Only the system assigned a certain transmit frequency can use the allocated bandwidth.

Time Division Multiple Access: TDMA is a digital transmission technology that allows a number of users to access a single radio frequency (RF) carrier without interference by allocating unique time slots to each user within each carrier. The type utilized within JNTC-S is referred to as Multi-Frequency TDMA Demand Assigned Multiple Access. This allows for dynamic allocation of time slots based on user requirements and allows multiple carriers on the satellite within the TDMA network. This forms a “bandwidth pool” for the users.


FDMA/TDMA Satellite Payload-users present

• Above depicts two users communicating via a satellite link - TDMA or FDMA.
• Spectrum analyzer display depicts the radio carrier used between the two systems.
• The carrier has a center frequency plus a certain amount of bandwidth.
• Amount of bandwidth is dependent upon data rate transfer.

The above diagram displays two ground based satellite systems with a radio link established between the two through a satellite. This could be an FDMA or TDMA link. There are two users communicating through this link with laptop computers. Depicted between the two systems is a display from a spectrum analyzer. The “hump” on the screen is a representation of the radio carrier being received by one of the satellite systems. The carrier has a center frequency and a certain amount of bandwidth being utilized on each side of this center frequency. The amount of bandwidth is determined by the data rate being transmitted by the earth systems.


FDMA Satellite Payload-no users present

• Above depicts two systems with no user data being transferred.
• Satellite resource utilization remains unchanged on an FDMA link.
• Carrier can only be utilized by systems with the pre-assigned frequency & bandwidth.
• User activity or inactivity has no effect on satellite resource utilization.

The diagram now shows no user traffic being transmitted through the satellite radio link. From a satellite resource utilization standpoint, there would be no change on an FDMA link (as depicted by the spectrum analyzer display). FDMA systems have pre-assigned frequencies and pre-assigned bandwidth allocation; only the systems allocated these resources can utilize them. User activity or inactivity has no effect on satellite resource utilization.


TDMA Satellite Payload-no users present

• Above depicts two systems with no user data being transferred.
• No satellite resources are utilized on a TDMA link.
• Once user data transfer is complete, bandwidth is returned to a pool for use by other systems.
• Bandwidth is allocated on demand - based on user requirements.
• User activity or inactivity has a direct effect on satellite resource utilization.

The diagram still shows no user traffic being transmitted through the satellite radio link. From a satellite resource utilization standpoint, there would be a change on a TDMA link (as depicted by the spectrum analyzer display). Resources on a TDMA satellite network are allocated based on user requirements. When users communicating through a TDMA satellite link have information to transfer, resources (a carrier: center frequency and bandwidth) are allocated to support the requirement. Once the transfer of this information is complete, the resources are returned to a pool for use by other systems as needed.


Virtual Private Network (VPN)

• Internet Engineering Task Force (IETF): A VPN is “An emulation of a private Wide Area Network (WAN) using shared or public IP facilities, such as the Internet or private IP backbones.”

• In simpler terms, a VPN is an extension of a private intranet across a public network (the Internet) that ensures secure and cost-effective connectivity between the two communicating ends.

[Diagram labels: Headquarters, Home Office, Branch Office, Internet]

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or individual users with secure access to their organization's network. A virtual private network can be contrasted with an expensive system of owned or leased lines that can only be used by one organization. The goal of a VPN is to provide the organization with the same capabilities, but at a much lower cost. VPNs establish a secure network over insecure or public networks. VPNs can take many different forms and be implemented in various ways. VPNs achieve their security by encrypting the traffic that they transport, preventing eavesdropping, or interception. In simplest terms, a VPN is fundamentally a secure tunnel established between two or more endpoints. A VPN can be constructed with or without the knowledge of the network provider, and can span multiple network providers.


Tunneling

[Diagram: the original IP packet (IP Hdr, TCP Hdr, Data) and the same IP packet encapsulated w/tunnel protocol (New IP Hdr, Tunnel Hdr, Orig IP Hdr, TCP Hdr, Data, Tunnel Trailer).]

• VPNs are established with the help of private logical tunnels. Tunneling is the encapsulation of one protocol within another.

• Tunnels enable the two ends to exchange data in a manner that resembles point-to-point communications.

• From a routing protocol standpoint, the two routers depicted above would act as directly connected neighbors through the tunnel even though there may be several other routers physically between them.

The VPNs are established with the help of private logical "tunnels." These tunnels enable the two ends to exchange data in a manner that resembles point-to-point communication. Tunneling technology lies at the core of VPNs. In addition, elaborate security measures and mechanisms can be used to ensure safe passage of sensitive data across an unsecured medium. Tunneling is the technique of encapsulating a data packet in a tunneling protocol, such as IP Security (IPSec), Point-to-Point Tunneling Protocol (PPTP), or Layer 2 Tunneling Protocol (L2TP), and then finally packaging the tunneled packet into an IP packet. The resultant packet is then routed to the destination network using the overlying IP information. Because the original data packet can be of any type, tunneling can support multi-protocol traffic, including IP, ISDN, FR, and ATM.


Tunnel Protocols

• Point-to-Point Tunneling Protocol (PPTP)

• Layer 2 Tunneling Protocol (L2TP)

• IP Security (IPSec)*

• Generic Routing Encapsulation (GRE)

• Multi-point Generic Routing Encapsulation (mGRE)*

*utilized within the JNN network architecture

Point-to-Point Tunneling Protocol (PPTP) - Developed by Microsoft, 3COM, and Ascend Communications, PPTP was proposed as an alternative to IPSec. However, IPSec remains the favorite tunneling protocol. PPTP operates at layer 2 (Data Link layer) of the OSI model and is used for secure transmission of Windows-based traffic.

Layer 2 Tunneling Protocol (L2TP) - Developed by Cisco Systems, L2TP was also intended to replace IPSec as the de facto tunneling protocol. However, IPSec continues to be the dominant protocol for secure communication over the Internet. L2TP is a combination of Layer 2 Forwarding (L2F) and PPTP and is used to encapsulate Point-to-Point Protocol (PPP) frames to be sent over X.25, FR, and ATM networks.

IP Security (IPSec) - Developed by IETF, IPSec is an open standard that ensures transmission security and user authentication over public networks. Unlike other encryption techniques, IPSec operates at the Network layer of the seven-layer Open System Interconnect (OSI) model. Therefore, it can be implemented independently of the applications running over the network. As a result, the network can be secured without the need to implement and coordinate security for each individual application.

Generic Routing Encapsulation (GRE) - A tunneling protocol developed by Cisco that can encapsulate a wide variety of protocol packet types inside IP tunnels, creating a virtual point-to-point link to Cisco routers at remote points over an IP inter-network. GRE allows routing updates to be sent over links that do not support broadcast and/or multicast.

Multi-Point Generic Routing Encapsulation (mGRE) - mGRE allows a single GRE tunnel interface to support multiple tunnels (GRE is strictly point to point). This greatly simplifies the tunnel configuration and, when used in conjunction with NHRP, tunnels can be established dynamically.


GRE Tunnel

[Diagram: router 1 (s0/0 1.1.1.1/30, LAN 12.12.12.0/24, host .2) and router 2 (s0/0 2.2.2.1/30, LAN 11.11.11.0/24, host .2) connected across the Internet. The original packet (IP Hdr, UDP, Payload; s – 12.12.12.2, d – 11.11.11.2) is carried behind a GRE header and a tunnel IP header (s – 1.1.1.1, d – 2.2.2.1).]

• Routers 1 & 2 have a GRE tunnel established.

- host 12.12.12.2 sends a packet to host 11.11.11.2
- router 1 encapsulates the packet with the IPs assigned to serial interfaces.
- router 2 de-encapsulates and delivers original packet.

• Packet is routed through the Internet based on the tunnel IP header.

Generic Routing Encapsulation (GRE) is a Cisco proprietary (but published) standard for encapsulating routing protocols. It can encapsulate a wide variety of protocol packet types inside IP tunnels, creating a virtual point-to-point link to Cisco routers at remote points over an IP inter-network. By connecting multi-protocol sub-networks in a single-protocol backbone environment, IP tunneling that uses GRE allows network expansion across a single-protocol backbone environment.

GRE, as specified in [RFC2784], is an IETF standard defining multi-protocol encapsulation format that could be suitable to tunnel any network layer protocol over any network layer protocol. GRE is normally used in two classes of applications: the transport of different protocols between IP networks and the provision of VPN services for networks configured with potentially overlapping private address space.

The GRE header key field can be used to discriminate the identity of the customer network where encapsulated packets originate. In this way, it provides a way to offer many virtual interfaces to customer networks on a single GRE tunnel endpoint. This feature allows for policy-based routing (that is, when routing decisions are not based only on the destination IP address but on the combination of a virtual interface identifier, and the destination IP address) and relatively easy per-user network accounting. In addition, a GRE header allows the identification of the type of the protocol that is being carried over the GRE tunnel, thus allowing IP networks to serve as a bearer service onto which a virtual multi-protocol network can be defined and implemented.

Similar to the IP in IP tunneling mechanism, the GRE tunneling technology does not include a tunnel setup protocol. It requires other protocols, such as Mobile IP, or network management to set up the tunnels. It also does not include security mechanisms and must be combined with IPSec to support secure user data delivery.
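The encapsulation from the GRE Tunnel slide, written out at byte level as an added example (not part of the original courseware): the host packet 12.12.12.2 to 11.11.11.2 is wrapped in a GRE header and the tunnel IP header 1.1.1.1 to 2.2.2.1, then decapsulated, and the result shows that the inner packet crosses the Internet in cleartext, which is why GRE is paired with IPSec. The UDP ports, payload text and key value are constructed for illustration, and the layout of the optional key field follows RFC 2890, which the page does not cite.

```python
import socket
import struct

GRE_PROTO = 47             # IP protocol number assigned to GRE
ETHERTYPE_IPV4 = 0x0800    # GRE "protocol type" value for an IPv4 payload
GRE_C, GRE_K, GRE_S = 0x8000, 0x2000, 0x1000   # checksum / key / sequence flags
IPV4_FMT = "!BBHHHBBH4s4s"  # 20-byte IPv4 header without options


def checksum(data: bytes) -> int:
    """Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def ipv4_packet(src: str, dst: str, proto: int, payload: bytes) -> bytes:
    """Prepend a minimal IPv4 header (TTL 64, no options) to payload."""
    hdr = struct.pack(IPV4_FMT, 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + payload


def parse_ipv4(packet: bytes) -> dict:
    """Split an IPv4 packet into the fields this example needs."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, total_len, _, _, _, proto, _, src, dst = struct.unpack(
        IPV4_FMT, packet[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    header_len = (ver_ihl & 0x0F) * 4
    return {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            "proto": proto, "payload": packet[header_len:total_len]}


def gre_encapsulate(inner: bytes, tunnel_src: str, tunnel_dst: str, key=None) -> bytes:
    """What router 1 does: GRE header + new IP header in front of the packet."""
    flags = GRE_K if key is not None else 0
    gre = struct.pack("!HH", flags, ETHERTYPE_IPV4)
    if key is not None:
        gre += struct.pack("!I", key)       # optional 32-bit tunnel key
    return ipv4_packet(tunnel_src, tunnel_dst, GRE_PROTO, gre + inner)


def gre_decapsulate(packet: bytes):
    """What router 2 does: strip tunnel IP + GRE headers, return the original."""
    outer = parse_ipv4(packet)
    if outer["proto"] != GRE_PROTO:
        raise ValueError("not a GRE packet")
    gre = outer["payload"]
    if len(gre) < 4:
        raise ValueError("truncated GRE header")
    flags, proto_type = struct.unpack("!HH", gre[:4])
    if flags & 0x0007:
        raise ValueError("unsupported GRE version")
    offset, key = 4, None
    if flags & GRE_C:                       # checksum + reserved word
        offset += 4
    if flags & GRE_K:
        (key,) = struct.unpack("!I", gre[offset:offset + 4])
        offset += 4
    if flags & GRE_S:                       # sequence number
        offset += 4
    return outer, key, proto_type, gre[offset:]


def build_slide_packet(key=None):
    """Host 12.12.12.2 -> 11.11.11.2, tunneled 1.1.1.1 -> 2.2.2.1 (slide values)."""
    data = b"constructed sample payload"    # constructed, not from the page
    udp = struct.pack("!HHHH", 40000, 40001, 8 + len(data), 0) + data
    inner = ipv4_packet("12.12.12.2", "11.11.11.2", 17, udp)
    return inner, gre_encapsulate(inner, "1.1.1.1", "2.2.2.1", key)


if __name__ == "__main__":
    inner, wire = build_slide_packet(key=7)
    outer, key, proto_type, recovered = gre_decapsulate(wire)
    print("tunnel header:", outer["src"], "->", outer["dst"], "key", key)
    print("inner packet :", parse_ipv4(recovered)["src"], "->",
          parse_ipv4(recovered)["dst"])
    print("payload readable on the wire:", b"sample payload" in wire)
```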


interface Tunnel0                          creates a tunnel interface
ip address 10.10.10.1 255.255.255.252      assigns IP address & mask to tunnel
tunnel source Serial0/0                    specifies which physical interface tunnel will utilize
tunnel destination 148.43.200.9            specifies the physical address associated with the distant end of the tunnel

GRE Tunnel Configuration

• GRE tunnels are point to point networks.

• GRE is the default tunnel encapsulation on a Cisco router.

• The physical IPs are used for encapsulating & routing the packet.

Above are the configuration commands utilized to establish a simple static GRE tunnel on a router. Once configured, the router treats the virtual tunnel interface the same as a physical interface.

interface tunnel0: creates the tunnel interface; the tunnel can be designated with any number. NOTE: the three following commands are applied to the tunnel interface.

ip address: assigns an IP address and mask to the tunnel interface.

tunnel source: specifies which physical interface on the router the tunnel interface will utilize to establish a connection to the distant end tunnel interface.

tunnel destination: specifies the address of the physical interface the distant end tunnel interface is utilizing as its tunnel source.

GRE IP is the default tunnel encapsulation on a Cisco router and therefore does not have to be configured.


GRE Tunnel Lab 1

interface Tunnel0
 ip address 10.10.10.1 255.255.255.252
 tunnel source Serial0/0
 tunnel destination 148.43.200.9

interface Tunnel0
 ip address 10.10.10.2 255.255.255.252
 tunnel source Serial0/0
 tunnel destination 148.43.200.10

[Diagram: two routers connected through their s0/0 interfaces (148.43.200.9/30 and 148.43.200.10/30), with Ethernet segments 12.12.12.0/24 and 11.11.11.0/24.]

• Install the network as shown above.

• Enable EIGRP, configure network statements for tunnel & Ethernet interfaces.

• Once complete, ping from host computer to host computer.

In the above lab, establish a point-to-point router network. Then configure tunnel interfaces on each router utilizing the configuration examples above. Once the tunnel interfaces are installed, configure EIGRP with network statements for the tunnel interfaces and the Ethernet segments. Perform a ping test from a host on one Ethernet segment to a host on the other. Examine the routing table of each router. What is the next hop address of the networks learned via EIGRP?

The above diagram has a tunnel being established between two directly connected routers. It is possible to establish a tunnel between two routers with multiple routers in between. The two tunnel interfaces would act as if they are directly connected. It is a good practice to utilize different routing protocols on the tunnel and physical interfaces to prevent routing loops.


GRE Tunnel Lab 2

[Diagram: seven routers (1 to 7) attached to a shared segment through their f0/0 interfaces, addressed .193/28 to .199/28, with Ethernet segments 11.11.11.0/24, 12.12.12.0/24, 13.13.13.0/24, 14.14.14.0/24, 15.15.15.0/24, 16.16.16.0/24 and 17.17.17.0/24.]

The above is a broadcast multi-access network. The goal is to establish tunnels between all the systems. The following is a configuration example for router 1. Based on this example, as a group come up with an addressing & configuration scheme for each router within the tunneled network:

Tunnel0 10.10.10.1/30, dest 148.43.200.194
Tunnel1 10.10.10.5/30, dest 148.43.200.195
Tunnel2 10.10.10.9/30, dest 148.43.200.196
Tunnel3 10.10.10.13/30, dest 148.43.200.197
Tunnel4 10.10.10.17/30, dest 148.43.200.198
Tunnel5 10.10.10.21/30, dest 148.43.200.199

How many subnets were created in this topology?

By having all of these tunnels permanently in place, what effect would this have on the TDMA satellite network?

If a router was added or removed from the topology, what would have to take place within the configurations?

If time permits, install the above network within the classroom.
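A generator for the Lab 2 addressing scheme, added here as an example and not part of the original courseware. It extends router 1's listed tunnels to the other routers and checks that both ends of every tunnel point at each other; it assumes routers 2 to 7 own 148.43.200.194 to .199 in order, that /30s are taken sequentially from 10.10.10.0/24, and that FastEthernet0/0 (f0/0 in the diagram) is the tunnel source.

```python
import ipaddress
from itertools import combinations


def lab2_physical(count=7):
    """Routers 1..7 at 148.43.200.193..199 (router-to-address order is assumed)."""
    return {n: f"148.43.200.{192 + n}" for n in range(1, count + 1)}


def full_mesh_plan(physical, tunnel_block="10.10.10.0/24"):
    """Assign one /30 per router pair; return {router: [tunnel entries]}."""
    routers = sorted(physical)
    pairs = list(combinations(routers, 2))
    subnets = list(ipaddress.ip_network(tunnel_block).subnets(new_prefix=30))
    if len(pairs) > len(subnets):
        raise ValueError(f"{len(pairs)} tunnels need more /30s than {tunnel_block} holds")
    plan = {r: [] for r in routers}
    for (a, b), net in zip(pairs, subnets):
        low, high = net.hosts()            # a /30 has exactly two usable hosts
        for router, addr, peer in ((a, low, b), (b, high, a)):
            plan[router].append({
                "interface": f"Tunnel{len(plan[router])}",
                "address": f"{addr}/30",
                "subnet": str(net),
                "destination": physical[peer],
            })
    return plan


def validate_plan(plan, physical):
    """Every /30 must be used by exactly two routers that target each other."""
    ends = {}
    for router, entries in plan.items():
        for entry in entries:
            ends.setdefault(entry["subnet"], []).append((router, entry["destination"]))
    problems = []
    for subnet, pair in ends.items():
        if len(pair) != 2:
            problems.append(f"{subnet}: {len(pair)} endpoint(s)")
            continue
        (r1, d1), (r2, d2) = pair
        if d1 != physical[r2] or d2 != physical[r1]:
            problems.append(f"{subnet}: destinations do not point at each other")
    return problems


def render_config(entries, source="FastEthernet0/0"):
    """Emit the static GRE commands from the GRE Tunnel Configuration slide."""
    lines = []
    for entry in entries:
        ip = entry["address"].split("/")[0]
        lines += [f"interface {entry['interface']}",
                  f" ip address {ip} 255.255.255.252",
                  f" tunnel source {source}",          # assumed source interface
                  f" tunnel destination {entry['destination']}"]
    return "\n".join(lines)


def subnet_count(plan):
    """Number of distinct tunnel subnets used across the whole topology."""
    return len({e["subnet"] for entries in plan.values() for e in entries})


if __name__ == "__main__":
    physical = lab2_physical()
    plan = full_mesh_plan(physical)
    print(render_config(plan[2]))
    print("tunnel subnets:", subnet_count(plan), "problems:", validate_plan(plan, physical))
```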


DMVPN

[Diagram: a JNN and two Bn CPNs connected over commercial TDMA.]

• DMVPN technology is utilized within the JNN network Architecture.

• Permanent VPNs are established between Hub/JNN & Bn CPN systems.

• Connections between CPN systems are established on an as needed basis utilizing DMVPN technology.

• TDMA satellite bandwidth is a shared resource; DMVPNs allow this to be utilized more efficiently.

The JNN network utilizes satellite radio links as the backbone to interconnect its IP based systems. There are two types of satellite networks within the JNN architecture: Time Division Multiple Access (TDMA) and Frequency Division Multiple Access (FDMA). For the past several years, legacy tactical communications systems have utilized FDMA satellite networks. Within FDMA, individual satellite systems are assigned a frequency and a certain amount of bandwidth. These two resources can then only be utilized by that system even if there are actually no user communications going through this link. TDMA, on the other hand, pools satellite bandwidth for use by ground systems on an as needed or demand basis. It is somewhat similar to a radio Ethernet network.

For IP based systems to effectively utilize this TDMA network, dynamic multi-point virtual private networks (DMVPN) are established. IP Security (IPSec) is utilized to encrypt and authenticate the DMVPN traffic. DMVPN is composed of two protocols: multi-point generic routing encapsulation (mGRE) and next hop resolution protocol (NHRP).

A DMVPN network is based on a hub/spoke topology. A system acts as the hub and all the others are considered spokes. Each spoke makes a permanent virtual connection to the hub. Initially, when a spoke system has traffic destined for another spoke system, it is routed through the hub. Utilizing NHRP, the hub provides the appropriate information so that a temporary virtual connection can be made between the two spoke systems. Essentially, connections are made on an as needed basis, therefore effectively utilizing the satellite resources.


What is a DMVPN?

• DMVPNs allow the dynamic establishment of multiple GRE tunnels through a single tunnel interface.

- based on a hub/spoke network design
- tunnels can be established dynamically (as needed)
- more efficiently utilizes network resources
- minimizes router configuration size
- allows routers to be added or removed from the topology without reconfiguring present routers

• Two protocols are utilized within DMVPNs.

- Multi-point GRE (mGRE)
- Next Hop Resolution Protocol (NHRP)

The idea behind DMVPNs is that tunnels between certain routers can be established on an as needed basis. This has many benefits. The design is based on a hub/spoke topology with all spoke systems having a permanent tunnel to the hub system. Then, as required, the spoke systems dynamically establish tunnels between each other with information provided by the hub. Establishing tunnels as needed and then terminating them once packet transfer is complete is very efficient in that network resources are only utilized when needed. Permanent VPNs (tunnels) utilize network resources even when there is no user traffic being transferred through the tunnel.

When utilizing static tunnels with GRE, a separate tunnel interface and sub-net must be configured between the hub and each spoke. Depending on the number of routers involved, the size of the configuration and the number of IPs required can become quite extensive. DMVPNs by contrast have a simple configuration, and the size of the configuration remains the same regardless of the number of routers participating.

With DMVPNs, as the network topology changes (adding or removing routers), the configurations of the existing routers do not have to be modified. This makes the scaling of a DMVPN network very flexible. Static tunnels by contrast would require configuration changes to all routers within the network topology.

To establish DMVPNs, three protocols are utilized: Multi-point GRE (mGRE), Next Hop Resolution Protocol (NHRP), and a dynamic routing protocol (OSPF or EIGRP).


Multi-Point Generic Routing Encapsulation

• mGRE — allows a single GRE tunnel interface to support multiple tunnels.

• GRE tunnel configuration consists of:
- ip address & mask
- tunnel source
- tunnel destination
- optional tunnel key

• mGRE tunnel configuration consists of:
- ip address & mask
- tunnel source
- tunnel key

• With mGRE, the tunnel destination is not defined.

• mGRE relies on NHRP to supply the tunnel destination information which it then utilizes to dynamically establish the tunnel.

Tunneling protocols such as IPSec can only support IP unicast traffic. Routing protocols such as OSPF and EIGRP exchange routing information via multicast; therefore, tunneling protocols such as IPSec cannot support dynamic routing. GRE was created to support multi-protocol traffic (IPX & AppleTalk) and in addition support all types of IP traffic (unicast, broadcast, & multicast). GRE, however, only supports point-to-point tunneling in which the source and destination addresses are specified. For each additional tunnel, a separate tunnel interface must be configured with the source and destination specified.

mGRE, on the other hand, allows the establishment of multiple tunnels via a single tunnel interface. It is in a sense a broadcast multi-access tunnel interface. Within the mGRE configuration, only the source addressing information is supplied. The destination address is learned dynamically, relying on some other protocol such as NHRP.


Next Hop Resolution Protocol (NHRP)

• Client/server protocol: hub is server & spokes are clients.

• Each client registers with server: tunnel address and associated tunnel source interface address (physical).

• Server maintains an NHRP database of these registrations.

• Clients request next hop information (tunnel to physical address resolution) from server to establish dynamic tunnel to another spoke.

Next Hop Resolution Protocol (NHRP) is a client/server protocol that provides the capability for the spoke routers to dynamically learn the exterior physical interface address of other spoke routers within the DMVPN network. Spoke routers are considered the clients and the hub router is the server.

NHRP is used by a source station (host or router) connected to a Non-Broadcast, Multi-Access (NBMA) subnetwork to determine the internetworking layer address and NBMA subnetwork addresses of the "NBMA next hop" towards a destination station. If the destination is connected to the NBMA subnetwork, then the NBMA next hop is the destination station itself. Otherwise, the NBMA next hop is the egress router from the NBMA subnetwork that is "nearest" to the destination station. NHRP is intended for use in a multiprotocol internetworking layer environment over NBMA subnetworks.

NHRP Resolution Requests traverse one or more hops within an NBMA subnetwork before reaching the station that is expected to generate a response. Each station, including the source station, chooses a neighboring NHS to which it will forward the NHRP Resolution Request. The NHS selection procedure typically involves applying a destination protocol layer address to the protocol layer routing table, which causes a routing decision to be returned. This routing decision is then used to forward the NHRP Resolution Request to the downstream NHS. The destination protocol layer address previously mentioned is carried within the NHRP Resolution Request packet. Note that even though a protocol layer address was used to acquire a routing decision, NHRP packets are not encapsulated within a protocol layer header but rather are carried at the NBMA layer using the encapsulation described in its own header.


NHRP (1)

• Hub is the NHRP server, spokes are clients.
• Clients register to server with address mapping information.
• Server replies to clients once registration is complete.

[Diagram: server and two clients connected over the TDMA network]
server: tunnel 10.10.10.1/28, f0/1 148.43.200.1/29
client 1: tunnel 10.10.10.2/28, f0/1 148.43.200.10/29
client 2: tunnel 10.10.10.3/28, f0/1 148.43.200.20/29
NHRP Registration (client 1 to server): 10.10.10.2 148.43.200.10
NHRP Registration (client 2 to server): 10.10.10.3 148.43.200.20
NHRP Registration Reply (server to clients)
NHRP Database (server): 10.10.10.2 148.43.200.10; 10.10.10.3 148.43.200.20

The registration request is sent from the client (spoke) to the server (hub) in order to identify or register its NHRP information. The destination protocol address field is set to the server’s IP address or address of the client in the event the client is not specifically configured with next hop server information. If the address field is set with the server’s address or with a client’s address that is within the same subnet as the server, then the server places the client NHRP information in its NHRP database. The server then sends a registration reply to the client informing it that it is now registered with this server. If the destination protocol address field is not set with the server’s address and the client IP is not within the same subnet as the server, then the server forwards the registration to another next hop server.


NHRP (2)

• Client 1 has packets destined for a network belonging to client 2.
• Client 1 sends request to server for resolution of the next hop tunnel address to physical address of client 2.

[Diagram: server and two clients connected over the TDMA network]
server: tunnel 10.10.10.1/28, f0/1 148.43.200.1/29
client 1: tunnel 10.10.10.2/28, f0/1 148.43.200.10/29
client 2: tunnel 10.10.10.3/28, f0/1 148.43.200.20/29
NHRP Resolution Request (client 1 to server): 10.10.10.3
NHRP Database (server): 10.10.10.2 148.43.200.10; 10.10.10.3 148.43.200.20

A resolution request is sent from a client to the server in order to identify the address for the next hop end point in the network. If the requested endpoint belongs to the server that has received the request, then it formulates a reply based on information contained in its database. Otherwise, the request must be forwarded to a next hop server that supports that endpoint. Within the JNN DMVPN network, the request contains the destination router’s tunnel address and asks for the destination’s associated physical address.


NHRP (3)

• Server replies with the tunnel to physical address resolution.
• Client 1 enters this into its NHRP database.

[Diagram: server and two clients connected over the TDMA network]
server: tunnel 10.10.10.1/28, f0/1 148.43.200.1/29
client 1: tunnel 10.10.10.2/28, f0/1 148.43.200.10/29
client 2: tunnel 10.10.10.3/28, f0/1 148.43.200.20/29
NHRP Resolution Reply (server to client 1): 10.10.10.3 148.43.200.20
NHRP Database (client 1): 10.10.10.3 148.43.200.20
NHRP Database (server): 10.10.10.2 148.43.200.10; 10.10.10.3 148.43.200.20

A resolution reply is sent from the server to the requesting client. The reply provides a mapping of the requested destination tunnel address to the destination physical address. This information is then entered into the client’s NHRP database. This type of reply is termed an authoritative reply. The server that supports the subnet in question generates the reply. In the case where a resolution request was forwarded by an NHRP server to another server, it is possible for a server to receive a resolution reply. Once it has received the reply, it forwards it to the originating client. It also caches this reply for later use. When the same request is received again, it can use this cached information to reply instead of forwarding the request to the server that actually supports that subnet. This type of reply is termed non-authoritative.


NHRP (4)

• Client 1 utilizes received NHRP info to establish a dynamic tunnel to client 2.
• Tunnel will be terminated after a predetermined amount of time.

[Diagram: dynamic tunnel between client 1 and client 2 across the TDMA network]
server: tunnel 10.10.10.1/28, f0/1 148.43.200.1/29
client 1: tunnel 10.10.10.2/28, f0/1 148.43.200.10/29
client 2: tunnel 10.10.10.3/28, f0/1 148.43.200.20/29
Tunneled packet fields shown: Tunn IP Hdr (s – 148.43.200.10, d – 148.43.200.20), GRE, IP Hdr, UDP, Payload
NHRP Database (client 1): 10.10.10.3 148.43.200.20
NHRP Database (server): 10.10.10.2 148.43.200.10; 10.10.10.3 148.43.200.20

Once the client (spoke) has received the reply from the server and has entered it into its NHRP database, it now has the required information to establish a dynamic tunnel to the other spoke. When configuring mGRE tunnels, the information supplied is the IP address & mask of the tunnel and the source physical interface to be utilized by the tunnel. In addition to packets utilizing the tunnel actually exiting the configured physical interface, the tunneled packet also utilizes the IP address assigned to the physical interface as its source address. NHRP is dynamically supplying the destination tunnel address. The tunnel will be terminated after a predetermined amount of time. By default, the tunnel will stay active for 120 minutes. This value can be changed within the tunnel configuration.
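The registration, resolution and expiry behaviour described in NHRP (1) to NHRP (4), as an added Python model that is not part of the original course material. Addresses come from the slides; the class names, the authentication strings, the second (forwarding) server and the fourth station are constructed for illustration, and the 600-second hold time is borrowed from the configuration listing later on this page.

```python
from dataclasses import dataclass, replace

HOLDTIME = 600  # seconds, as in "ip nhrp holdtime 600" on this page (assumed here)


@dataclass(frozen=True)
class Mapping:
    nbma: str            # physical (NBMA) address of the station
    expires: float       # time at which the mapping stops being valid
    authoritative: bool  # True when the answering server holds the registration


class NextHopServer:
    """Hub side: database of tunnel address -> physical address registrations."""

    def __init__(self, auth, upstream=None):
        self.auth = auth          # shared NHRP authentication string
        self.upstream = upstream  # next hop server that unknown requests go to
        self.db = {}

    def register(self, tunnel_ip, nbma, auth, now):
        if auth != self.auth:     # string differs: registration is not accepted
            return False
        self.db[tunnel_ip] = Mapping(nbma, now + HOLDTIME, True)
        return True

    def resolve(self, tunnel_ip, now):
        entry = self.db.get(tunnel_ip)
        if entry and entry.expires > now:
            return entry
        self.db.pop(tunnel_ip, None)             # drop an expired mapping
        if self.upstream is None:
            return None
        reply = self.upstream.resolve(tunnel_ip, now)
        if reply is not None:
            # Forward the reply unchanged, but keep a copy marked
            # non-authoritative for answering the same request later.
            self.db[tunnel_ip] = replace(reply, authoritative=False)
        return reply


class Spoke:
    """Client side: registers with its server and caches resolution replies."""

    def __init__(self, tunnel_ip, nbma, nhs, auth):
        self.tunnel_ip, self.nbma, self.nhs, self.auth = tunnel_ip, nbma, nhs, auth
        self.cache = {}

    def register(self, now):
        return self.nhs.register(self.tunnel_ip, self.nbma, self.auth, now)

    def tunnel_destination(self, dest_tunnel_ip, now):
        """Physical address for the outer IP header, or None if unresolved."""
        entry = self.cache.get(dest_tunnel_ip)
        if entry is None or entry.expires <= now:
            entry = self.nhs.resolve(dest_tunnel_ip, now)
            if entry is None:
                self.cache.pop(dest_tunnel_ip, None)  # dynamic tunnel is gone
                return None
            self.cache[dest_tunnel_ip] = entry
        return entry.nbma


def run_exchange():
    hub = NextHopServer(auth="constructed-string")
    c1 = Spoke("10.10.10.2", "148.43.200.10", hub, "constructed-string")
    c2 = Spoke("10.10.10.3", "148.43.200.20", hub, "constructed-string")
    # Constructed fourth station whose authentication string does not match.
    c3 = Spoke("10.10.10.4", "148.43.200.30", hub, "other-string")
    out = {}
    out["c1_registered"] = c1.register(now=0)
    out["c2_registered"] = c2.register(now=0)
    out["c3_registered"] = c3.register(now=1)
    out["c1_to_c2"] = c1.tunnel_destination("10.10.10.3", now=10)
    out["c1_reply_authoritative"] = c1.cache["10.10.10.3"].authoritative
    out["c1_to_c3"] = c1.tunnel_destination("10.10.10.4", now=10)
    # A second server that forwards to the hub: first answer is the hub's
    # authoritative reply, the repeat is served from its own cache.
    edge = NextHopServer(auth="constructed-string", upstream=hub)
    out["edge_first"] = edge.resolve("10.10.10.3", now=20).authoritative
    out["edge_repeat"] = edge.resolve("10.10.10.3", now=30).authoritative
    # Client 2 never refreshed its registration, so after the hold time
    # the mapping is gone everywhere and no dynamic tunnel can be built.
    out["after_holdtime"] = c1.tunnel_destination("10.10.10.3", now=HOLDTIME + 1)
    return out


if __name__ == "__main__":
    for key, val in run_exchange().items():
        print(f"{key}: {val}")
```
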


DMVPN and Routing Protocols

• For DMVPN to work properly, a routing protocol must be enabled on the tunnel interface.

• Spokes must advertise their supported networks to the hub & the hub must propagate these to all the other spokes.

• Advertisements received by a spoke router must have the subnet's originating router listed as the next hop.

• The same routing protocol cannot be enabled on the tunnel & physical interfaces or recursive routing may occur.

For DMVPNs to work properly, a routing protocol must be utilized within the tunnel network so that the spokes can advertise their supported subnets to the hub. The hub then propagates these so that each spoke has knowledge of the subnets within the DMVPN topology. This is a key piece in the establishment of DMVPNs and can be easily overlooked. It is very common for a routing protocol to also be in operation on the physical network in addition to the tunnel network. It is very important that different routing protocols be utilized inside and outside of the tunnel to prevent recursive routing (routing loops). Recursive routing simply means that the routing table has found that the best path to the tunnel destination is through the tunnel. This means that the router cannot send the tunnel protocol’s TCP packets to the destination device because it thinks that they have to be encapsulated in the tunnel protocol again. This is a loop of sorts and the tunnel will be in a constant state of being torn down and rebuilt (up/down status). The other problem that can occur when using the same routing protocol inside and outside the tunnel is that packets can possibly be routed external to the tunnel. This can cause numerous problems and somewhat defeats the purpose of establishing the tunnel. Also, if IPSec is being applied to the tunnel, any packets that should be going through the tunnel but are routed externally will not have IPSec applied.


OSPF & EIGRP

• Certain configuration steps must be applied to the tunnel interface when utilizing OSPF and EIGRP.

• OSPF
- configure OSPF network type to broadcast (ip ospf network broadcast).
- configure OSPF priority so hub is always DR (ip ospf priority).
- ensure the IP MTU is set the same on all tunnel interfaces (ip mtu).

• EIGRP
- split horizons must be disabled on the hub (no ip split-horizon eigrp).
- by default, EIGRP routers list themselves as the next hop for all advertised routes – must be disabled (no ip next-hop-self eigrp).
- configure tunnel interface bandwidth so that EIGRP related traffic can be properly maintained.
- consideration should also be given to configuring the spoke routers as EIGRP stub routers.

Depending on the routing protocol selected, there are certain configuration steps that must be taken for it to work properly within a DMVPN environment.

OSPF:

• OSPF considers a tunnel interface point to point, and will not allow it to support multiple connections. Tunnel interface must be set to broadcast within OSPF.

• Once interface is set to broadcast, OSPF treats it as part of a broadcast multi-access network. The hub router must always be the designated router. A good practice would be to set the priority of all the spokes to “0”.

• Ensure that all the ip mtu settings on the tunnel interfaces within the DMVPN topology are set the same. Two OSPF routers cannot form a neighbor relationship if this setting is different.

EIGRP:

• Split horizons must be disabled on the hub tunnel interface (split horizons is enabled by default with EIGRP). Since the hub is using a single interface to form connections with several spoke routers, EIGRP has to be able to send routing updates received from one to all other spokes. With split horizons enabled, this is not possible.

• By default, when an EIGRP router advertises a network, it lists itself as the next hop even if the network does not originate on that router. For DMVPNs to function properly, this must be disabled on the hub router. Networks advertised from spokes to the hub and then to other spokes must list the originating spoke as the next hop.

• The default bandwidth for a tunnel interface is 9 kbs. EIGRP will only utilize at a maximum half the interface bandwidth – 4.5 kbs. This is too low for EIGRP to be properly maintained between neighboring routers. Set the bandwidth to a higher value such as 1000.


• Consideration should be given to configuring the EIGRP routers as stub. By definition, the spokes should only have connections to one router, the hub. Therefore, there is no value added by allowing the hub to query the spokes.


OSPF & DMVPN – Broadcast Network

• By default, OSPF treats a tunnel interface as a point to point network.
• All tunnel interfaces on routers within a DMVPN net are on the same subnet.
• OSPF must operate as if it is enabled on a broadcast multi-access network.
• Tunnel interface must be set to broadcast for proper operation of the DMVPN.

[Diagram: hub, spoke 1 and spoke 2 connected over the TDMA network]
hub: tunnel 10.10.10.1/28 - broadcast, f0/1 148.43.200.1/29
spoke 1: tunnel 10.10.10.2/28 - broadcast, f0/1 148.43.200.10/29
spoke 2: tunnel 10.10.10.3/28 - broadcast, f0/1 148.43.200.20/29

OSPF considers a tunnel interface as a point-to-point network and will not allow it to support multiple OSPF neighbor connections. For DMVPNs to function properly, the tunnel interface must be set to OSPF broadcast. All tunnel interfaces belonging to routers within the same DMVPN network are configured as part of the same subnet. Configuring the tunnel interface to broadcast will cause all of these routers to function as part of the same OSPF broadcast multi-access network.


OSPF & DMVPN - Hub is DR

• Spoke routers have permanent connectivity only to the hub router.
• Spoke routers will only form an OSPF neighbor relationship with the hub.
• The hub must be elected as the OSPF designated router (DR).
• Set all spoke routers' OSPF priority to 0.

[Diagram: hub, spoke 1 and spoke 2 connected over the TDMA network]
hub (DR): tunnel 10.10.10.1/28 - priority 1, f0/1 148.43.200.1/29
spoke 1 (DROTHER): tunnel 10.10.10.2/28 - priority 0, f0/1 148.43.200.10/29
spoke 2 (DROTHER): tunnel 10.10.10.3/28 - priority 0, f0/1 148.43.200.20/29

Once the DMVPN topology has been configured to function as an OSPF broadcast multi-access network, the OSPF priority must be configured for the designated router (DR) election. The goal is to have the hub (NHRP server) always be the DR and the spokes (NHRP clients) never be the DR. To accomplish this, all spokes should have their OSPF priority configured as “0”. If there are going to be multiple hubs (servers) within a single DMVPN topology, the priority should be set according to which of these should be the DR and which should be the backup designated router (BDR).


OSPF & DMVPN - IP MTU

• Within the JNN network, several tunnels along with IPSec are configured.
• These functions add additional bytes to the packet.
• To limit fragmentation, the MTU setting for IP packets is reduced.
• For two routers to form an OSPF neighbor relationship, the interfaces providing connectivity for this must have the same IP MTU setting.

[Diagram: hub, spoke 1 and spoke 2 connected over the TDMA network]
hub: tunnel 10.10.10.1/28 - ip mtu 1420, f0/1 148.43.200.1/29
spoke 1: tunnel 10.10.10.2/28 - ip mtu 1420, f0/1 148.43.200.10/29
spoke 2: tunnel 10.10.10.3/28 - ip mtu 1420, f0/1 148.43.200.20/29

Within the JNN TDMA topology, several tunnels are created and IPSec is applied to these tunnels at various points. This tunnel creation and application of IPSec causes additional overhead to be added to the original IP packet causing the size (bytes) of the packet to increase. Ethernet based networks have a default maximum transmission unit (MTU) of 1500 bytes. Once the packet exceeds this size, packet fragmentation occurs. This can have detrimental effects on the processing of packets and can interfere with the operation of IPSec. To prevent the fragmentation of packets on the interface, the IP MTU size is adjusted on the tunnel interface. The actual setting can be calculated based on the additional overhead added by the above noted processes. For two routers to form an OSPF neighbor relationship, the interfaces being utilized by the routers must have the same MTU setting.
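The overhead calculation mentioned above, worked through as an added Python example (not part of the original course material). The ESP parameters (AES-CBC with a 16-byte IV and block, a 12-byte HMAC-SHA1-96 ICV, no NAT traversal), a single GRE tunnel carrying a tunnel key, and all function names are assumptions; the page names no cipher.

```python
PHYSICAL_MTU = 1500  # Ethernet default MTU named on this page
IP_HDR = 20          # IPv4 header without options
TCP_HDR = 20         # TCP header without options
GRE_HDR = 4          # base GRE header
GRE_KEY = 4          # extra GRE field carried when "tunnel key" is configured
ESP_HDR = 8          # ESP SPI + sequence number
ESP_TRAILER = 2      # ESP pad-length + next-header bytes


def wire_size(inner_len, mode, iv=16, block=16, icv=12, gre_key=True):
    """Bytes on the physical interface for one inner IP packet of inner_len.

    mode "transport": ESP protects GRE + inner packet and reuses the GRE
                      delivery IP header as the outer header.
    mode "tunnel":    ESP protects the delivery IP header too and adds a
                      new outer IP header in front.
    Defaults are the assumed AES-CBC / HMAC-SHA1-96 values.
    """
    gre = GRE_HDR + (GRE_KEY if gre_key else 0)
    if mode == "transport":
        protected = gre + inner_len
    elif mode == "tunnel":
        protected = IP_HDR + gre + inner_len
    else:
        raise ValueError("mode must be 'transport' or 'tunnel'")
    # Plaintext plus the 2-byte trailer is padded up to the cipher block size.
    padded = (protected + ESP_TRAILER + block - 1) // block * block
    return IP_HDR + ESP_HDR + iv + padded + icv


def max_ip_mtu(mode, **esp):
    """Largest tunnel 'ip mtu' whose encapsulated size still fits PHYSICAL_MTU."""
    for inner in range(PHYSICAL_MTU, 0, -1):
        if wire_size(inner, mode, **esp) <= PHYSICAL_MTU:
            return inner
    return None


def check(ip_mtu, adjust_mss, mode):
    """Evaluate an 'ip mtu' / 'ip tcp adjust-mss' pair for one tunnel layer."""
    size = wire_size(ip_mtu, mode)
    return {
        "wire_size": size,
        "fits_physical_mtu": size <= PHYSICAL_MTU,
        # A full-sized TCP segment is MSS + TCP header + IP header.
        "mss_fits_ip_mtu": adjust_mss + TCP_HDR + IP_HDR <= ip_mtu,
    }


if __name__ == "__main__":
    for mode in ("transport", "tunnel"):
        print(mode, "slide value 1420 ->", wire_size(1420, mode),
              "bytes; largest ip mtu that fits:", max_ip_mtu(mode))
    print("listing values 1289 / 1201:", check(1289, 1201, "tunnel"))
```

Under these assumed parameters the slide's `ip mtu 1420` fits in transport mode (1496 bytes) but exceeds 1500 bytes in tunnel mode, which is why the setting has to be derived from the encapsulation actually in use.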


DMVPN Configuration - JNN

interface Tunnel7731
 bandwidth 2048
 ip address 172.21.16.233 255.255.255.0
 ip mtu 1289
 ip nhrp authentication 167731
 ip nhrp map multicast dynamic
 ip nhrp map multicast 10.230.16.1
 ip nhrp map 172.21.16.20 10.230.16.1
 ip nhrp network-id 7731
 ip nhrp holdtime 600
 ip nhrp nhs 172.21.16.20
 ip tcp adjust-mss 1201
 ip ospf network broadcast
 ip ospf cost 1100
 ip ospf priority 10
 tunnel source GigabitEthernet0/1
 tunnel mode gre multipoint
 tunnel key 7731

interface tunnel 7731: Configures a tunnel interface.

ip address: Assigns an IP address & mask to the tunnel interface.

ip mtu: Sets the maximum transmission unit size on the tunnel interface. If an IP packet exceeds the MTU set for the interface, the Cisco IOS software will fragment it. All devices on a physical medium must have the same protocol MTU in order to operate. Within the DMVPN network, the MTU size for the tunnel interface is set to a smaller size than what is utilized for the physical interface (such as 1500 for Ethernet). This ensures that once the packet is encapsulated with mGRE and IPSec, it will not exceed the physical MTU size and be fragmented once the additional headers & encryption have been applied.

ip nhrp authentication: Configures the authentication string for an interface using the Next Hop Resolution Protocol (NHRP). All routers configured with NHRP within one logical NBMA network must share the same authentication string.

ip nhrp map multicast dynamic: Configures NBMA addresses for use as destinations for broadcast or multicast packets to be sent over a tunnel network. When multiple NBMA addresses are configured, the system replicates the broadcast packet for each address. When utilized with the key word dynamic, multicast & broadcast packets are sent to all entries within the NHRP database. This is utilized on the hub so that router neighbor relationships can be established with all spoke systems dynamically.

ip nhrp network-id: Enables the Next Hop Resolution Protocol (NHRP) on an interface. All NHRP stations within one logical NBMA network must be configured with the same network identifier.


ip nhrp holdtime: Changes the number of seconds that NHRP NBMA addresses are advertised as valid in authoritative NHRP responses. The command affects authoritative responses only. The advertised holding time is the length of time the Cisco IOS software tells other routers to keep information that it is providing in authoritative NHRP responses. The cached IP-to-NBMA address mapping entries are discarded after the holding time expires. The NHRP cache can contain static and dynamic entries. The static entries never expire. Dynamic entries expire regardless of whether they are authoritative or non-authoritative.

ip tcp adjust-mss: Adjusts the MSS value of TCP SYN packets going through a router. The max-segment-size argument is the maximum segment size, in bytes. The range is from 500 to 1460. Due to the multiple encapsulations that end packets use in a multi-tunnel network, this helps ensure that each communications endpoint never sends a TCP packet that will be fragmented.

ip ospf network broadcast: Configures the OSPF network type to a type other than the default for a given medium. By default, the router sees a tunnel interface as part of a point-to-point network. Using the command with the key word broadcast causes OSPF to operate in a broadcast multi-access mode.

ip ospf priority: Sets the OSPF router priority, which helps determine the designated router for a BMA network. When two routers attached to a network both attempt to become the designated router, the one with the higher router priority takes precedence. If there is a tie, the router with the higher router ID takes precedence. A router with a router priority set to zero is ineligible to become the designated router or backup designated router. In the DMVPN topology, the hub router should always be the designated router and the spokes never be the DR.

tunnel source: Designates the router physical interface to be utilized as the source for this tunnel. Any traffic originating from the tunnel will be sent through the tunnel source interface. In addition, the IP address assigned to the tunnel source will be utilized as the source address of the tunneled packets.

tunnel mode gre multipoint: Sets the tunnel encapsulation mode to gre multipoint.

tunnel key: Enables an ID key for a tunnel interface. This command currently applies to GRE only. Tunnel ID keys can be used as a form of weak security to prevent improper configuration or injection of packets from a foreign source. When GRE is used, the ID key is carried in each packet. It is not recommended to be used for security purposes. All routers wishing to establish DMVPNs must have the same key.

tunnel protection ipsec profile: Associates a tunnel interface with an IP Security (IPSec) profile. Use the command to specify that IPSec encryption will be performed after the GRE has been added to the tunnel packet. The tunnel protection command can be used with multipoint GRE (mGRE) and point-to-point GRE (p-pGRE) tunnels. With p-pGRE tunnels, the tunnel destination address will be used as the IPSec peer address. With mGRE tunnels, multiple IPSec peers are possible; the corresponding NHRP mapping NBMA destination addresses will be used as the IPSec peer addresses. If you wish to configure two Dynamic Multipoint VPN (DMVPN) mGRE and IPSec tunnels on the same router, you must issue the shared keyword.


DMVPN Configuration - CPN

interface Tunnel7731
 bandwidth 2048
 ip address 172.21.16.235 255.255.255.0
 ip mtu 1289
 ip nhrp authentication 167731
 ip nhrp map multicast 10.230.16.1
 ip nhrp map 172.21.16.20 10.230.16.1
 ip nhrp network-id 7731
 ip nhrp holdtime 600
 ip nhrp nhs 172.21.16.20
 ip tcp adjust-mss 1201
 ip ospf network broadcast
 ip ospf cost 1100
 ip ospf priority 10
 tunnel source GigabitEthernet0/1
 tunnel mode gre multipoint
 tunnel key 7731

NOTE: Commands that are the same for the hub and spoke will not have the explanation duplicated here.

ip nhrp map: Statically configures the tunnel IP to a physical IP of a distant end router. This will force a static entry into the NHRP database. This is configured on the spoke and maps the IP addresses of the hub router.

ip nhrp map multicast: Configures NBMA addresses for use as destinations for broadcast or multicast packets to be sent over a tunnel network. The spokes utilize this command and map the addresses for the hub system. The spokes will only form a router neighbor relationship with the hub.

ip nhrp nhs: Configures the virtual IP (tunnel) address of the NHRP server (hub). This address was previously mapped to a physical interface address in the “ip nhrp map” command.
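One way to check a hub and a spoke tunnel stanza against the requirements described in this chapter, as an added Python example (not the course's or Cisco's tooling). The two listings are the JNN and CPN stanzas from this page, treated as hub and spoke as the notes above do; the function names and finding texts are hypothetical.

```python
# JNN listing from this page, treated as the hub side.
JNN_LISTING = """\
interface Tunnel7731
 bandwidth 2048
 ip address 172.21.16.233 255.255.255.0
 ip mtu 1289
 ip nhrp authentication 167731
 ip nhrp map multicast dynamic
 ip nhrp map multicast 10.230.16.1
 ip nhrp map 172.21.16.20 10.230.16.1
 ip nhrp network-id 7731
 ip nhrp holdtime 600
 ip nhrp nhs 172.21.16.20
 ip tcp adjust-mss 1201
 ip ospf network broadcast
 ip ospf cost 1100
 ip ospf priority 10
 tunnel source GigabitEthernet0/1
 tunnel mode gre multipoint
 tunnel key 7731
"""
# The CPN listing on the page differs only in its tunnel address and in
# lacking "ip nhrp map multicast dynamic".
CPN_LISTING = (JNN_LISTING
               .replace("172.21.16.233", "172.21.16.235")
               .replace(" ip nhrp map multicast dynamic\n", ""))

# Settings the page says every router in the DMVPN must share.
SHARED = [("ip", "mtu"), ("ip", "nhrp", "authentication"),
          ("ip", "nhrp", "network-id"), ("tunnel", "key"),
          ("ip", "ospf", "network")]


def parse_tunnel(text):
    """Return the sub-commands of 'interface Tunnel...' stanzas as token lists."""
    cmds, inside = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line.lower().startswith("interface "):
            inside = line.lower().startswith("interface tunnel")
        elif inside and line and line != "!":
            cmds.append(line.split())
    return cmds


def args(cmds, *prefix):
    """Arguments of the first command beginning with prefix, or None if absent."""
    for c in cmds:
        if tuple(c[:len(prefix)]) == prefix:
            return c[len(prefix):]
    return None


def audit(hub_text, spoke_text):
    hub, spoke = parse_tunnel(hub_text), parse_tunnel(spoke_text)
    findings = []
    for key in SHARED:
        h, s = args(hub, *key), args(spoke, *key)
        if h != s:
            # Do not echo the authentication string into reports or logs.
            shown = "" if "authentication" in key else f" hub={h} spoke={s}"
            findings.append(f"mismatch: {' '.join(key)}{shown}")
    # The NHS tunnel address needs a static map whose NBMA address is also
    # the multicast destination.
    maps = {c[3]: c[4] for c in spoke
            if c[:3] == ["ip", "nhrp", "map"] and len(c) == 5 and c[3] != "multicast"}
    mcast = {c[4] for c in spoke
             if c[:4] == ["ip", "nhrp", "map", "multicast"] and len(c) == 5}
    nhs = args(spoke, "ip", "nhrp", "nhs")
    if not nhs:
        findings.append("spoke: no ip nhrp nhs")
    elif nhs[0] not in maps:
        findings.append(f"spoke: nhs {nhs[0]} has no ip nhrp map entry")
    elif maps[nhs[0]] not in mcast:
        findings.append(f"spoke: no ip nhrp map multicast {maps[nhs[0]]}")
    prio = args(spoke, "ip", "ospf", "priority")
    if prio != ["0"]:
        findings.append(f"spoke: ip ospf priority {prio[0] if prio else 'unset'}, page advises 0")
    for name, cmds in (("hub", hub), ("spoke", spoke)):
        mtu, mss = args(cmds, "ip", "mtu"), args(cmds, "ip", "tcp", "adjust-mss")
        if mtu and mss and int(mss[0]) + 40 > int(mtu[0]):
            findings.append(f"{name}: adjust-mss {mss[0]} + 40 exceeds ip mtu {mtu[0]}")
        if args(cmds, "tunnel", "protection", "ipsec", "profile") is None:
            findings.append(f"{name}: no tunnel protection ipsec profile on the tunnel interface")
    return findings


if __name__ == "__main__":
    for finding in audit(JNN_LISTING, CPN_LISTING):
        print(finding)
```

Run against the page's two listings it reports three findings: the CPN stanza sets OSPF priority 10 rather than 0, and neither stanza as printed carries `tunnel protection ipsec profile`.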


router_hub#sho ip nhrp
10.10.10.1/32 via 10.10.10.1, Tunnel0 created 03:27:40, expire 00:00:59
  Type: dynamic, Flags: authoritative unique registered used
  NBMA address: 148.43.200.1
10.10.10.2/32 via 10.10.10.2, Tunnel0 created 03:25:28, expire 00:00:51
  Type: dynamic, Flags: authoritative unique registered used
  NBMA address: 148.43.200.5
10.10.10.3/32 via 10.10.10.3, Tunnel0 created 03:18:55, expire 00:00:46
  Type: dynamic, Flags: authoritative unique registered used
  NBMA address: 148.43.200.9

router_spoke#sho ip nhrp
10.10.10.6/32 via 10.10.10.6, Tunnel0 created 00:00:02, expire 00:00:51
  Type: dynamic, Flags: router used
  NBMA address: 148.43.200.21
10.10.10.7/32 via 10.10.10.7, Tunnel0 created 03:28:53, never expire
  Type: static, Flags: authoritative used
  NBMA address: 148.43.200.25

Show IP nhrp

The “show ip nhrp” command displays the contents of the NHRP database or cache. When used on the hub router, it shows each spoke that has registered dynamically via NHRP with the hub. When used on the spoke router, at a minimum it will show a static NHRP entry to the hub router. This is entered into the database by the configuration command “ip nhrp map”. In addition, it will also show any dynamic tunnels established with other spoke routers. Contained within each entry will be the tunnel IP address, the physical address (NBMA), how long ago the tunnel was created, how long the tunnel has to live, and how the tunnel was created (static or dynamic).


Show IP NHRP NHS

router_spoke#sh ip nhrp nhs

Legend:
  E=Expecting replies
  R=Responding
Tunnel6600:
  172.21.254.1 RE

The “show ip nhrp nhs” command displays a spoke router’s communications status with its configured next hop server(s). When successfully registered and active, the status codes R & E will both be present. Once an NHS address is configured within a Tunnel interface via the “ip nhrp nhs” command, it will be listed with this command, whether the address is correct or not. The “E” status code will always appear with this command whether the configuration is correct or not. If the “R” status code is missing, it is recommended to verify that the physical address that the NHS server is mapped to is reachable via the ping command. Refer to the tunnel configuration and check the entry for “ip nhrp map <nhs_ip> <phys_ip>”. Verify that the addresses are in the correct order. Once connectivity and configuration are verified, restart the NHRP registration process by performing a “shut” and “no shut” on the tunnel interface.


[Lab topology diagram. Labels: TDMA (two clouds), JNN, Bn CPN, FDMA serial, Ethernet, BCT 1, BCT 2.]

Area labels on the diagram: DMAIN – OSPF Area 0, 22.230.0.0/19; OSPF Area 0, 22.230.32.0/19; UA 2 – OSPF Area 0, 22.230.64.0/19.

Hub UHN_66030_ST2R: LO0 22.230.0.6/32; FA0/0 172.20.254.1/29; TU6605 172.21.78.1/25; TU6607 172.21.79.1/25; VLAN 59 22.230.3.254/24

JNN_66050_ST2R: LO0 22.230.32.2/32; FA0/0 172.20.78.9/29; TU6605 172.21.78.8/25; VLAN 59 22.230.34.62/27

BCP_66052_ST2R: LO0 22.230.32.9/32; FA0/0 172.20.78.17/29; TU6605 172.21.78.16/25; VLAN 59 22.230.40.62/27

BCP_66053_ST2R: LO0 22.230.32.10/32; FA0/0 172.20.78.25/29; TU6605 172.21.78.24/25; VLAN 59 22.230.44.62/27

BCP_66072_ST2R: LO0 22.230.64.9/32; FA0/0 172.20.79.17/29; TU6607 172.21.79.16/25; VLAN 59 22.230.72.62/27

BCP_66073_ST2R: LO0 22.230.64.10/32; FA0/0 172.20.79.25/29; TU6607 172.21.79.24/25; VLAN 59 22.230.76.62/27

JNN_66070_ST2R: LO0 22.230.64.2/32; FA0/0 172.20.79.9/29; TU6607 172.21.79.8/25; VLAN 59 22.230.66.62/27

Install the above network as shown. Configure the hub and spoke routers using the configuration information from the two previous pages. Enable OSPF to operate on the tunnel interface and the interface supporting host computers. Do not configure a routing protocol for the physical interfaces connected to the TDMA cloud. Configure a static route. The TDMA router’s Ethernet interface is configured with all seven physical subnets. Configure the first subnet with “ip address” command and then the other six with “ip address” command and the “secondary” extension. Once complete, test for network connectivity using ping and trace between the user subnets. Utilize the “show ip nhrp” command to view the tunnels in place.


Layer 2 Switching and VLANs


What is Ethernet Switching?

[Slide graphic labels: RG-58 and Terminators; CAT-5 and Hub; Bridge; Bridges separate Collision Domains; Switching]

Ethernet switching evolved from a need to provide high-speed access and geographical separation on local area networks. Initial networks provided access through RG-58 cable, T connectors and terminators. Disadvantages of this type of network were quickly realized: for example, if a break or disconnect occurred anywhere along the cable segment, the entire network would be disabled. The next major evolution of Local Area Network access involved the introduction of Hubs and Category 5 cable. The hub provided a central point for connection of all user devices. The hub, however, worked only at layer 1 and simply passed all information received on one port out all others. Congestion of Local Area Networks drove the development of bridges, which allowed the isolation of traffic between segments of the LAN. This was accomplished by allowing the bridge to examine the frame (layer 2) header and to determine the source (MAC address) of the traffic. The bridge could then build a table that would show the topology, and traffic could be filtered to allow it to flow only to needed segments. This is termed separating “Collision domains”. Bridges initially were nothing more than a computer with two LAN cards installed and specialized software that allowed for the table to be built and queries to be made against the table that would control the traffic between segments of the network. This was often slow and costly to implement. As technology evolved and the cost came down, the mechanism of bridging was placed directly on each port of the bridge. This was accomplished utilizing ASICs (application specific integrated circuits) and allowed a bridge to now have many ports, each having the capability to separate collision domains. This new implementation is what is now termed “Switching”.


What is Switching?

1. Hubs operate at Layer 1.

2. Layer 2 LAN Switches and Bridges operate at Layer 2 of the OSI reference model.

3. Switches and Bridges must have more intelligence in order to examine the Layer 2 Frame.

4. The Source and Destination MAC addresses are examined.

5. A Table can be built from the Source addresses that enables the Switch or Bridge to “decide” which ports the traffic needs sent out.

6. From this point a frame can be “switched” from one port to another.

Hubs operate at Layer 1, meaning they do not examine any headers. They simply regenerate the electrical signals received out all other ports. Layer 2 LAN Switches and Bridges operate at Layer 2 of the OSI reference model, meaning the frame received is actually examined for information so the frame can be sent to the appropriate location. Switches and Bridges must have more intelligence in order to examine the Layer 2 Frame. This implies processing power and storage capabilities. The Source and Destination MAC addresses are examined, as well as some optional trunking and VLAN information. A Table is built from the Source addresses that enables the Switch or Bridge to “decide” to which ports the traffic must be sent.


Switch use in Topology

[Diagram labels: Multi-Access Point for Users; Hub Multi-Access; SWITCH, SWITCH; Crossover, Crossover]

A switch or bridge learns of the MAC addresses attached to each port by listening to the traffic and examining the source MAC address of the incoming frame. The MAC address to port mappings are stored in a MAC database. The database is commonly referred to as the MAC table or the content-addressable memory (CAM) table. When a frame is received by the switch or bridge, the MAC table is consulted to determine the port that can reach the station identified in the destination portion of the frame. If the destination MAC is found in the MAC table, the frame is transmitted on only the port listed. If the destination MAC is not found, the frame is transmitted on all outgoing ports except the one on which it was received.


Modes of Switching

Cut Through: The Switch checks the frame header for the destination MAC and immediately begins forwarding the frame. Fastest, but no error checking.

Store & Forward: The entire frame is read into memory and the FCS is checked as well as the destination MAC before the frame is forwarded. Slow, has error checking.

Fragment Free: Only the first 64 bytes are read to determine the destination MAC, the switch then immediately begins forwarding the frame. Collisions occur within the time required to read 64 bytes. Fast, with error checking.

Cut Through

In the cut through mode, the switch or bridge checks the destination address as soon as the header is received and immediately begins forwarding the frame. There is a significant decrease in latency compared with the store and forward mode. The delay in cut through switching remains constant regardless of frame size because this switching mode starts to forward the frame as soon as the switch or bridge reads the destination addresses. In some switches and bridges, only the destination addresses are read. Some switches and bridges continue to read the FCS and keep a count of errors. Although the switch or bridge will not stop an error frame, if the error rate is too high, the switch or bridge can be set, either manually or automatically, to use the store and forward mode instead. This is often known as “adaptive cut through”. It combines the low latency advantage of cut through and the error protection offered by store and forward.

Store and Forward

In the store and forward mode, the switch or bridge receives the complete frame, and then forwards it. The destination and source addresses are read, the Frame Check Sequence is performed, the relevant filters are applied, and the frame is forwarded. If the FCS is bad, the frame is discarded. Latency through the switch or bridge varies with frame length.


Fragment Free

In the Fragment Free mode, the switch or bridge will read the first 64 bytes, which is the minimum Ethernet frame size, before forwarding the frame. Usually, collisions happen within the first 64 bytes of a frame. When a collision occurs, a fragment (a frame less than 64 bytes) is created. By reading 64 bytes, the switch or bridge can filter out collisions. The fragment free mode has higher latency than the cut through mode. Fragment free can detect fragment frames and discard them rather than forwarding them, in contrast to cut through, which will forward fragmented frames if the destination address exists.

Switching mode can be verified by using the “show port system” command.


Building the MAC Database (1)

Initially the switch MAC Database will be empty. Each frame received will be flooded out all ports. As MAC addresses are mapped to ports the switch can “learn” the port to forward the frame on.

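[Figure: SWITCH with ports E-0, E-1, E-2 and E-3 and stations AAAA.AAAA.AAAA, BBBB.BBBB.BBBB, CCCC.CCCC.CCCC and DDDD.DDDD.DDDD. A received Frame is flooded out the other ports. The MAC Database lists ports E-0 to E-3 with a single learned entry, AAAA.AAAA.AAAA.]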

A switch or bridge maintains a MAC Database to track the locations of devices that are connected to it. The size of the MAC Database varies with the hardware. The Catalyst 2950 series can hold up to 8192 entries. When a switch or bridge is first initialized, the MAC Database is empty. When the Database is empty, the switch or bridge must forward each frame to all connected ports other than the one on which the frame arrived. Forwarding a frame to all connected ports except the port on which the frame arrived is termed “Flooding”. Flooding is the least efficient way to transmit data across a switch or bridge because it wastes bandwidth.


Building the MAC Database (2)

As traffic is heard on each port the switch can “MAP” the MAC to the port. All further communications will be sent directly from one port to another and not flooded out all ports.

[Figure: SWITCH with a station on each of ports E-0 to E-3; a Frame is sent from one port directly to another.]

MAC Database:
E-0    AAAA.AAAA.AAAA
E-1    BBBB.BBBB.BBBB
E-2    CCCC.CCCC.CCCC
E-3    DDDD.DDDD.DDDD

As traffic is generated and received on each switch port, it is stored in temporary buffer space while the MAC Database is checked for an entry that matches the destination MAC received in the frame. Because there is no match, the switch must perform two operations.

1. Populate the MAC Database by “learning” the source address and associating that with the port on which the frame was received.

2. Flood the frame out all other ports.

A MAC Database entry is created, which stays in the MAC Database up to the age time (default 300 seconds on a 2950 series switch). If station A does not transmit another frame to the switch before the age time expires, that entry will not be refreshed and will be removed from the Database. Because the MAC address table has a limited size, the age time helps to limit flooding by remembering the most active stations on the network. The age time also accommodates station moves. Aging allows the switch or bridge to forget an entry about a station that has been removed. If a station is moved from one port to another port, the switch or bridge will immediately learn the new location of the station as soon as that station begins to transmit frames to the switch or bridge on the new port.


Broadcast and Multicast

Broadcast and Multicast frames may be of interest to all stations, therefore the switch normally “floods” the frame out all ports.

[Figure: SWITCH with a station on each of ports E-0 to E-3; a broadcast Frame received on one port is flooded out the other three.]

MAC Database:
E-0    AAAA.AAAA.AAAA
E-1    BBBB.BBBB.BBBB
E-2    CCCC.CCCC.CCCC
E-3    DDDD.DDDD.DDDD

Broadcast and multicast frames are a special case. Because broadcast and multicast frames may be of interest to all stations, the switch or bridge normally floods broadcast and multicast to all ports other than the originating port. A switch or bridge never learns a broadcast or multicast address because broadcast and multicast addresses never appear as the source address of a frame.


Switch and Hub

[Figure: SWITCH with ports E-0, E-1 and E-2; stations CCCC.CCCC.CCCC and DDDD.DDDD.DDDD share port E-2 through a hub.]

MAC Database:
E-0    AAAA.AAAA.AAAA
E-1    BBBB.BBBB.BBBB
E-2    CCCC.CCCC.CCCC
E-2    DDDD.DDDD.DDDD

In this scenario, the switch has a fully populated MAC Database, which shows that stations C and D are connected to the same port. For traffic from C to D or D to C, the switch will not forward the frame to any other ports. Additionally, any traffic destined for MAC C or MAC D will be forwarded out port 2.
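The learning, flooding, aging and hub cases described in the MAC Database slides above can be exercised with a small model. This is an added example, not code from the course material; the class name, the station addresses and the rule that a full table simply stops learning are assumptions of the sketch.

```python
from dataclasses import dataclass, field

BROADCAST = "ffff.ffff.ffff"

# Constructed station addresses. The slide placeholders BBBB.BBBB.BBBB and
# DDDD.DDDD.DDDD are avoided on purpose: their first octet has the group bit
# set, so a real switch would treat them as multicast destinations.
STATION_A = "0008.aaaa.000a"
STATION_B = "0008.aaaa.000b"
STATION_C = "0008.aaaa.000c"
STATION_D = "0008.aaaa.000d"


def is_group_address(mac):
    """Broadcast and multicast addresses have the low bit of octet 1 set."""
    return bool(int(mac.replace(".", "")[:2], 16) & 0x01)


@dataclass
class LearningSwitch:
    ports: tuple
    age_time: float = 300.0   # seconds, the 2950 default quoted above
    capacity: int = 8192      # entries, the 2950 figure quoted above
    table: dict = field(default_factory=dict)  # mac -> (port, last_seen)

    def expire(self, now):
        """Drop entries that were not refreshed within the age time."""
        stale = [m for m, (_, seen) in self.table.items()
                 if now - seen > self.age_time]
        for mac in stale:
            del self.table[mac]

    def receive(self, in_port, src, dst, now):
        """Learn from the source address, then return the egress ports."""
        self.expire(now)
        # Learn or refresh the source. A station that moved is relearned on
        # its new port immediately. Group addresses are never learned.
        # Assumption of this model: when the table is full, new stations are
        # not learned, so traffic towards them keeps being flooded.
        if not is_group_address(src):
            if src in self.table or len(self.table) < self.capacity:
                self.table[src] = (in_port, now)
        # Unknown unicast, broadcast and multicast are flooded.
        if is_group_address(dst) or dst not in self.table:
            return [p for p in self.ports if p != in_port]
        out_port = self.table[dst][0]
        # Destination sits on the ingress port (hub case): do not forward.
        return [] if out_port == in_port else [out_port]


if __name__ == "__main__":
    sw = LearningSwitch(("E-0", "E-1", "E-2", "E-3"))
    print(sw.receive("E-0", STATION_A, STATION_D, now=0))  # flooded
    print(sw.receive("E-3", STATION_D, STATION_A, now=1))  # ['E-0']
    print(sw.receive("E-0", STATION_A, STATION_D, now=2))  # ['E-3']
```

Frames that are flooded reach every port, so the table state, not the cabling, decides who can see a given unicast frame.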


Problems in Redundant Networks

Broadcast Storms, Multiple frame transmissions, MAC table instability

While designing networks it is common to implement redundancy to reduce outages during equipment failures. While these designs may eliminate the possibility that a single point of failure will result in loss of function for the entire switched network, problems that can occur with redundant designs must be taken into consideration. A common problem is a “broadcast storm”. This occurs when each switch on a redundant network floods broadcast frames endlessly. Switches flood broadcast frames to all ports except the one on which the frame was received.

Broadcast storms: Without some loop avoidance process in operation, each switch will flood broadcasts endlessly. This situation can be catastrophic, as it will eventually consume all bandwidth.

Multiple frame transmissions: Multiple copies of Unicast frames may be delivered to destination stations. Many protocols expect to receive only a single copy of each transmission. Multiple copies of the same frame may cause unrecoverable errors.

MAC table instability: Instability in the MAC table results from copies of the same frame being received on different ports of the switch. Data forwarding may be impaired when the switch consumes resources coping with instability in the MAC table.


Broadcast Storm Example

GOOD: Redundancy eliminates single points of failure.

BAD: Redundancy causes broadcast storms, multiple frame copies, and MAC Database instability!

[Figure: host A, with SW - A and SW - B each connecting Segment 1 and Segment 2.]

Using the above diagram, consider the following: When host A sends a broadcast frame, such as an ARP (address resolution protocol) for its default gateway (router supporting the LAN), the frame will be received at SW – A. Switch A examines the destination address field in the frame and determines that the frame must be flooded onto all other ports or out to segment 2. When this copy of the frame arrives at switch B, the process repeats and a copy of the frame is transmitted back onto segment 1. Because the original copy of the frame also arrives at SW – B via Segment 1, these frames travel around the loop in both directions, even after the destination station has received the frame.


Spanning Tree

Spanning Tree Protocol (STP) is a loop prevention protocol.

It communicates with other switches to discover physical loops.

Specifies an algorithm to create a loop free logical topology.

[Figure: SW 1, SW 2 and SW 3 connected in a loop; an X marks the port blocked by STP.]

STP allows all the switches within a topology to decide on a common reference point (root). Once the root is designated, all switches determine the best path to the root. Ports that are not part of this best path are then blocked, thereby preventing switch loops. The most common reason a loop occurs in a network is as a result of an attempt to provide redundancy (if Link A fails then link B takes over). Loops can and often do occur by mistake. Loops in a layer 2 network can be disastrous.
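The storm and the effect of blocking can be seen by counting the copies of one broadcast that are in flight on the inter-switch links, round after round. This is an added example, not part of the course material: the blocking step is a simplified stand-in for STP (hop count to the root, with the lowest switch name standing in for the lowest bridge ID), with no BPDUs, timers or path costs.

```python
from collections import deque


def neighbours_of(links, blocked=frozenset()):
    """Adjacency map built from the links that are not blocked."""
    adj = {s: set() for link in links for s in link}
    for a, b in links:
        if frozenset((a, b)) not in blocked:
            adj[a].add(b)
            adj[b].add(a)
    return adj


def flood_rounds(links, blocked, ingress_switch, rounds):
    """Copies of one broadcast on inter-switch links in each round.

    Every switch applies the flooding rule from the text: send the frame
    out all ports except the one on which it was received.
    """
    adj = neighbours_of(links, blocked)
    in_flight = [(ingress_switch, n) for n in sorted(adj[ingress_switch])]
    history = []
    for _ in range(rounds):
        history.append(len(in_flight))
        next_round = []
        for sender, receiver in in_flight:
            for n in sorted(adj[receiver]):
                if n != sender:
                    next_round.append((receiver, n))
        in_flight = next_round
    return history


def spanning_tree_blocked(links, root=None):
    """Links left out of a shortest-path tree towards the root.

    Simplification: the root is the lowest switch name unless given, and
    the best path is the one with the fewest hops.
    """
    adj = neighbours_of(links)
    root = root or min(adj)
    parent = {}
    seen = {root}
    queue = deque([root])
    while queue:
        current = queue.popleft()
        for n in sorted(adj[current]):
            if n not in seen:
                seen.add(n)
                parent[n] = current
                queue.append(n)
    tree = {frozenset((child, par)) for child, par in parent.items()}
    return {frozenset(link) for link in links} - tree


# The three-switch loop from the Spanning Tree slide.
TRIANGLE = [("SW1", "SW2"), ("SW1", "SW3"), ("SW2", "SW3")]
# A constructed four-switch full mesh, to show copies multiplying.
MESH = [("SW1", "SW2"), ("SW1", "SW3"), ("SW1", "SW4"),
        ("SW2", "SW3"), ("SW2", "SW4"), ("SW3", "SW4")]

if __name__ == "__main__":
    print(flood_rounds(TRIANGLE, set(), "SW1", 4))   # never drains
    blocked = spanning_tree_blocked(TRIANGLE)
    print(flood_rounds(TRIANGLE, blocked, "SW1", 4))  # drains after one hop
    print(flood_rounds(MESH, set(), "SW1", 4))        # doubles every round
```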


STP States

State         Purpose
Disabled      Administratively Down
Blocking      Receives BPDUs only
Listening     Determining Loop Free Topology
Learning      Building the MAC database
Forwarding    Sending and receiving user data

Initially, all switch ports begin in the blocking state, where they listen for BPDUs. When the first switch boots up, it thinks it is the root, and will transition to the listening state. The period of time a port may go without receiving BPDUs is called the MAXAGE, which by default is 20 seconds. If a port is in the blocking state and does not receive a new BPDU within this time, the switch will transition from blocking to listening. When a port is in the listening state, it is able to send and receive BPDUs to determine the loop free topology. At this point no user data is being passed. During the listening state, the bridge performs the four steps needed to converge. The time it takes for a port to transition from the listening state to the learning state, or from learning to forwarding, is called the forward delay. The value by default is 15 seconds. The learning state reduces the amount of flooding required when data forwarding begins. If a port is a designated port or a root port at the end of the learning state, it will transition to forwarding.


Portfast

Portfast is applied on fast-Ethernet ports on a switch or switch module.

Portfast is used on ports that have end users or devices.

This forces the port into the Forwarding state, bypassing the Blocking, Listening, and Learning states.

If you connect a workstation or a server with a single NIC card or an IP phone to a switch port the connection cannot create a physical loop. These connections are considered leaf nodes. There is no reason to make the workstation wait 30 seconds while the switch checks for loops if the workstation cannot cause a loop. Cisco added the PortFast or fast-start feature. With this feature, the STP for this port assumes that the port is not part of a loop and immediately moves to the forwarding state and does not go through the blocking, listening, or learning states. This command does not turn STP off. This command makes STP skip a few initial steps (unnecessary steps, in this circumstance) on the selected port.

Portfast is applied to the interface with the following command:

Router(config-if)# spanning-tree portfast


Default Switch Configuration

When shipped, the Switch default configuration includes the following:

Setting             Default
IP Address          0.0.0.0
CDP                 Enabled
100BaseT port       Auto negotiate duplex mode
Spanning Tree       Enabled
Console password    None
All Ports           Member of Vlan 1 (discussed later)

When the switch is shipped, it is ready to be used, however some items, which will be unique to your network, can only be set to a default value. Above you will see the most common settings that you may be tasked to customize to meet the needs of your network.


Common Configuration Changes

• Hostname

• Passwords

• IP Address

• Default Gateway

• VLAN assignments

• Port duplex and speed

• Port Security

• Saving and Clearing Configurations

• VTP Configuration

The above figure lists the most common configuration requirements for layer 2 switching. Each of the topics will be discussed in the following pages.


Available Prompts

Command Mode: User EXEC
Access Method: Log In
Prompt: Switch>
Exit Method: logout

Command Mode: Privileged Exec (enable)
Access Method: From User Exec, type enable
Prompt: Switch#
Exit Method: disable

Command Mode: Global Configuration (config t)
Access Method: From Privileged Exec, type configure terminal
Prompt: Switch(config)#
Exit Method: Exit, end, or CTRL Z

Command Mode: ROM Monitor
Access Method: Hold mode key while applying power to switch
Prompt: Switch:
Exit Method: Boot

Command Mode: Setup Mode
Access Method: From privileged EXEC mode, type setup, or automatic if no config found in NVRAM during initialization
Prompt: Consists of a set of questions with no prompt of its own
Exit Method: Enters user EXEC after setup is complete

The Cisco IOS user interface provides access to several different command modes. Each command mode provides a group of related commands that allow you to configure or monitor your switch. Entering a question mark (?) at the system prompt allows you to obtain a list of commands available for each command mode.

User EXEC mode - After you log in to the switch, you are automatically in user EXEC command mode. In general, the user EXEC mode contains nondestructive commands that allow you to connect to remote devices, change terminal settings on a temporary basis, perform basic tests, and list system information. User EXEC mode is indicated by the device host name followed by the angle bracket (>).

Privileged EXEC mode - The privileged EXEC mode commands set operating parameters. The privileged commands include those commands contained in user EXEC mode, as well as the configure command through which you can access the remaining command modes. Privileged EXEC mode also includes high-level testing commands, such as debug. To enter privileged EXEC mode, enter enable at the user EXEC prompt. The privileged EXEC mode prompt consists of the device host name followed by the pound sign (#). From the privileged level, you can access a number of specific configuration modes:


ROM monitor mode - A command-line interface (CLI) that allows you to configure your switch. ROM monitor mode occurs if your switch does not find a valid system image, or if you interrupt the boot sequence during startup.

Setup mode - This mode is an interactive prompted dialog at the console that helps the new user create a first-time basic configuration. You can also enter setup mode by entering setup at the privileged EXEC prompt. Setup mode consists of a series of questions and does not exhibit a defining prompt of its own.


Setting Hostname

switch>en
switch#config t
switch (config)#hostname example
example (config)#ctl Z
example#

Setting Password

switch>en
switch#config t
switch (config)#enable secret abc123
switch (config)#line vty 0 15
switch (config-line)#password abc123
switch (config-line)#login
switch (config-line)#line con 0
switch (config-line)#password abc123
switch (config-line)#login
switch (config-line)#ctl z
switch#


Setting the IP Address

switch#config t
switch(config)#int vlan 1
switch(config-if)#ip address 148.43.200.75 255.255.255.240
switch(config-if)#no shutdown
switch(config-if)#ctl z

It is only necessary to configure an IP address for the switch if it is going to be a manageable entity on the network. Realize it will also be necessary to configure a default-gateway. The switch will look like a standard user of the subnet.

What 3 pieces of information are required for a PC? Clue: TCP/IP properties

Setting the Default Gateway

switch>en
switch#config t
switch (config)#ip default-gateway 148.43.200.1
switch (config)#ctl Z
switch#

The default gateway is utilized whenever it is determined that the address you are attempting to contact is not local to the subnet or vlan to which you are connected.


Configuring the Ports

switch>en
switch#config t
switch (config)#int fa 0/1
switch (config-if)#speed 10
switch (config-if)#duplex half
switch (config-if)#switchport mode access
switch (config-if)#switchport port-security
switch (config-if)#switchport port-security maximum 1
switch (config-if)#switchport port-security mac-address 0008.aaaa.bbbb
switch (config-if)#switchport port-security violation shutdown

Switch>en
Puts the switch in the enable mode.

Switch#config t
Puts the switch in the global configuration mode.

Switch (config)#int fa 0/1
Specifies interface fast Ethernet 0/1 for configuration.

Switch (config-if)#duplex half
Sets the interface duplex ability to half.

Switch (config-if)#speed 10
Sets the interface speed to 10 Mbps.

When a port is active on a switch any user can plug into the port and access the network. Because many networks use DHCP (Dynamic Host Configuration Protocol) to assign user addresses, it would be very easy for someone with physical access to a network port to plug in his own device and become a user on the network.

Switch (config-if)#switchport port-security
Turns on port security.

Switch (config-if)#switchport port-security maximum value
After turning on port security, you need to determine how many different devices will be accessing the ports. The value option allows you to specify the number of addresses. The default is 1.

Switch (config-if)#switchport port-security mac-address 0008.aaaa.bbbb
By default, the switches will learn the MAC addresses of the devices that are plugged into that port. If you want to control which devices can access the switch, use the above command to specify which MAC addresses are secured on a port.


Switch (config-if)#switchport port-security violation {protect | restrict | shutdown}

When a violation occurs, the switch generally protects the port by dropping the traffic associated with the unauthorized MAC address. This means that the switch does not allow those frames through the device; if a frame comes from a device that is configured as secure, the switch will allow it through. This is the meaning of “protect” and is the default. Another option that you can configure is for the interface to move to a “shutdown” state. If this is configured, the port remains in the administratively down state until an administrator re-enables the port with the no shutdown command. A third option is “restrict”. If this is selected, an SNMP trap will be generated.
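To see how maximum, mac-address and the three violation modes interact, the following added example (not from the course material) parses the port-security lines used above and replays source MACs against the resulting port. The class and function names and the second MAC address are constructed; the sketch also requires the violation mode to be stated explicitly rather than relying on a default.

```python
from dataclasses import dataclass, field

# The interface commands from the page's example, used as parser input.
PAGE_CONFIG = """\
switchport mode access
switchport port-security
switchport port-security maximum 1
switchport port-security mac-address 0008.aaaa.bbbb
switchport port-security violation shutdown
"""

MODES = ("protect", "restrict", "shutdown")


@dataclass
class SecurePort:
    violation: str = ""
    maximum: int = 1
    enabled: bool = False          # "switchport port-security" seen
    static_macs: set = field(default_factory=set)
    learned_macs: set = field(default_factory=set)
    shut_down: bool = False
    traps: list = field(default_factory=list)

    def receive(self, src_mac):
        """Return True if a frame from src_mac is allowed through."""
        src_mac = src_mac.lower()
        if self.shut_down:
            return False           # stays down until no_shutdown()
        if not self.enabled:
            return True
        secure = self.static_macs | self.learned_macs
        if src_mac in secure:
            return True
        if len(secure) < self.maximum:
            self.learned_macs.add(src_mac)   # dynamically learned address
            return True
        # Violation: the frame is dropped in every mode.
        if self.violation == "restrict":
            self.traps.append(src_mac)       # stands in for the SNMP trap
        elif self.violation == "shutdown":
            self.shut_down = True
        return False

    def no_shutdown(self):
        """Administrator re-enables the port."""
        self.shut_down = False


def from_config(text):
    """Build a SecurePort from interface-level port-security lines."""
    port = SecurePort()
    for line in text.splitlines():
        words = line.split()
        if words[:2] != ["switchport", "port-security"]:
            continue
        args = words[2:]
        if not args:
            port.enabled = True
        elif args[0] == "maximum":
            port.maximum = int(args[1])
        elif args[0] == "mac-address":
            port.static_macs.add(args[1].lower())
        elif args[0] == "violation":
            port.violation = args[1]
    if port.violation not in MODES:
        raise ValueError("state the violation mode explicitly")
    return port


if __name__ == "__main__":
    port = from_config(PAGE_CONFIG)
    for mac in ("0008.aaaa.bbbb", "0008.cccc.dddd", "0008.aaaa.bbbb"):
        print(mac, port.receive(mac), "shut down" if port.shut_down else "up")
```

With violation shutdown, one unauthorized frame also cuts off the legitimate station until an administrator intervenes, which is the trade-off against the quieter protect and restrict modes.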


Saving & Deleting Configurations (1)

switch>en
switch#copy run start

This copies the running configuration to the startup-config file which resides in NVRAM.

switch>en
switch#copy start run

This copies the startup-config file from NVRAM into RAM. This will merge what is presently in your running configuration with what is copied in from the startup-config file.

switch>en
switch#copy run tftp://address/filename
Address or name of remote host [148.43.200.7]? 148.43.200.7
Destination filename [switch1.bin]? switch1.bin

This copies the running-config file from RAM to a tftp (trivial file transfer protocol) server. If you do not specify a filename and address, the system prompts for this information.

Saving & Deleting Configurations (2)

switch>en
switch#erase start

This erases the startup-config file from NVRAM. At this point it is commonly followed by a reload, which will cause the switch to boot with a default configuration.

switch>en
switch#delete flash:vlan.dat

This deletes the vlan database. The file is recreated as soon as a new vlan is created.

Utilizing both of the above commands, then performing a reload on the switch allows it to be restored to factory values.


VLAN Concept (1)

Router Interface fast Ethernet 0/1

Network 148.43.200.0 255.255.255.240

Interface fa 0/1 is configured with a /28 mask (16 addresses).

SW – A utilizes default configuration, meaning all of its ports are assigned to VLAN-1.

IP address utilization is as listed.

If SW – A is a 24 port switch only 12 ports can be utilized, the remaining ports can not support users requiring an IP.

[Figure: SW - A with attached host addresses .1 through .10.]

VLAN = Subnet

A VLAN is a group of ports on switches that provides service to end stations with a common set of requirements, independent of their physical location. A VLAN has the same attributes as a physical LAN, but allows you to group end stations even if they are not physically located on the same LAN segment. VLANs allow you to group ports on a switch to limit unicast, multicast, and broadcast traffic flooding. Flooded traffic that originates from a particular VLAN floods only to ports belonging to that VLAN. VLANs are created on Layer 2 switches to control broadcasts and collision domains, as well as to enforce the use of a layer 3 device (router) for communications off the VLAN. Each VLAN is created in the local switch's database for use. If a VLAN is not known to a switch, that switch cannot transfer traffic across any of its ports for that VLAN. VLANs are created by number, and there are two ranges of usable VLAN numbers (normal 1 – 1000 and extended range 1025 – 4096). When a VLAN is created, you can also give it certain attributes such as a VLAN name, VLAN type, and its operational state.


VLAN Concept (2)

[Figure: a router with individual Ethernet ports to SW - A, SW - B and SW - C, serving Subnet A, Subnet B and Subnet C.]

Example of switching utilizing individual Ethernet ports on the router.

Above is one example of a VLAN. All ports on each switch have been assigned to a common VLAN; that VLAN is synonymous with Subnet A from the router’s perspective.


VLAN Concept (3)

[Figure: a router with One Physical Ethernet Interface connected to SW - 1, SW - 2 and SW - 3.]

Example of switching utilizing subinterfaces on the router.

A router’s Ethernet port can be configured to support separate VLANs on the same physical interface. This is accomplished with the use of “trunking” and will be discussed in detail.


VLAN Concept (4)

[Figure: a router with One Physical Ethernet Interface connected to SW - 1, SW - 2 and SW - 3.]

Example of switching utilizing subinterfaces on the router.

Users for all VLANs can now be dispersed throughout the switching topology.

When utilized in this fashion a Layer 2 topology can provide flexibility to match user requirements. By changing port assignments a VLAN member can be moved throughout the physical topology and retain all of its logical assignments.


VLAN Trunking

[Figure: SW - 1 and SW - 2 joined by a Trunk.]

ISL: Cisco Proprietary (Encapsulation)

802.1Q: Open Standard (Modified Header)

When using VLANs in networks that have multiple interconnected switches, you need to use VLAN trunking between the switches. With VLAN trunking, the switches tag each frame sent between switches so that the receiving switch knows to which VLAN the frame belongs. With trunking, you can support multiple VLANs that have members on more than one switch.


802.1Q

Frame fields: Dest | Src | Len/Etype | Data | FCS

802.1Q tag fields: EtherType (0x8100) | PRI | X (Token Ring Flag) | VLAN - ID

Original FCS is replaced with new FCS.

The IEEE standardizes many of the protocols relating to LANs today, and VLAN trunking is no exception. After Cisco created ISL, the IEEE completed work on the 802.1Q standard, which defines a different way to do trunking. 802.1Q uses a different style of header than does ISL to tag frames with a VLAN number. In fact, 802.1Q does not actually encapsulate the original frame. Rather, it adds an extra 4-byte header to the original Ethernet header. That additional header includes a field with which to identify the VLAN number. Because the original header has been changed, 802.1Q encapsulation forces a recalculation of the original FCS field in the Ethernet trailer, because the FCS is based on the contents of the entire frame.
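The tag insertion and FCS recalculation described above can be followed byte by byte. This is an added example, not from the course material: the MAC addresses and payload are constructed, and the FCS is computed with the standard CRC-32 from Python's zlib, appended least-significant byte first as Ethernet transmits it.

```python
import struct
import zlib

TPID_8021Q = 0x8100   # EtherType value that marks an 802.1Q tag


def fcs(frame_without_fcs):
    """Ethernet FCS: CRC-32 over the frame, least-significant byte first."""
    return struct.pack("<I", zlib.crc32(frame_without_fcs) & 0xFFFFFFFF)


def build_frame(dst, src, ethertype, payload):
    """Untagged frame: Dest | Src | Len/Etype | Data (padded) | FCS."""
    body = dst + src + struct.pack("!H", ethertype) + payload.ljust(46, b"\x00")
    return body + fcs(body)


def fcs_ok(frame):
    """Length and FCS check, as a store and forward switch would do."""
    return len(frame) >= 64 and fcs(frame[:-4]) == frame[-4:]


def add_tag(frame, vlan_id, priority=0, flag=0):
    """Insert the 4-byte tag after the source MAC and recompute the FCS."""
    if not fcs_ok(frame):
        raise ValueError("bad FCS or runt frame")
    if not 0 <= vlan_id <= 0xFFF:
        raise ValueError("VLAN - ID is a 12-bit field")
    if not 0 <= priority <= 7 or flag not in (0, 1):
        raise ValueError("PRI is 3 bits, the flag is 1 bit")
    tci = (priority << 13) | (flag << 12) | vlan_id
    body = frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:-4]
    return body + fcs(body)


def strip_tag(frame):
    """Return (vlan_id, priority, flag, untagged_frame)."""
    if not fcs_ok(frame):
        raise ValueError("bad FCS or runt frame")
    tpid, tci = struct.unpack("!HH", frame[12:16])
    if tpid != TPID_8021Q:
        raise ValueError("frame carries no 802.1Q tag")
    # Removing 4 bytes can drop a minimum-size frame below 60 bytes
    # before the FCS, so pad it back up before recomputing.
    body = (frame[:12] + frame[16:-4]).ljust(60, b"\x00")
    return tci & 0xFFF, tci >> 13, (tci >> 12) & 1, body + fcs(body)


# Constructed sample frame: an IPv4 EtherType with a short payload.
DST = bytes.fromhex("0008aaaa000d")
SRC = bytes.fromhex("0008aaaa000a")
SAMPLE = build_frame(DST, SRC, 0x0800, b"hello")

if __name__ == "__main__":
    tagged = add_tag(SAMPLE, vlan_id=100, priority=5)
    print(len(SAMPLE), len(tagged))          # 64 68
    print(tagged[12:16].hex())               # 8100a064
    print(fcs_ok(tagged), strip_tag(tagged)[0])
```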


Cisco Interface Numbering Scheme

[Figure: Cisco 2811 chassis showing Bay 0 and Bay 1, Slot 0 to Slot 3 and the numbered ports, annotated with three example interface designators.]

s0/2/1 = Bay / Slot / Port
f1/8 = Bay / Port
f0/1 = Bay / Port

*In this case, the ports don’t exist on a card in a slot (they are built straight into the “bay”), so there is no “slot” designator.

*In this case, the ports exist on a card that consumes the ENTIRE “bay”, so there is no need for a “slot” designator.

In a Cisco hardware environment, components are numbered from right to left, then from bottom to top.


Switch vs. Switch Module VLAN Config

Router With Stand Alone Switch

• Add VLAN to VLAN Database on Switch.

• Create Sub-interfaces on Router’s Fast Ethernet Port.

• Assign the VLAN to the Switch’s Ports.

Router With Switch Module

• Add VLAN to VLAN Database.

• Apply an IP Address and Subnet Mask to VLAN Interface.

• Assign the VLAN to the Switch Module’s Ports.

[Figure: two Cisco 2811 routers and a Catalyst 2950 series switch, with a link labelled Trunk.]

The major difference between the two above VLAN configurations is that if you are using a stand-alone switch you have to program a trunk (Sub-interfaces) between the router and the switch. If you are using a switch module there is no trunking involved, since layer 2 switching and routing functions are located within the same piece of equipment.


VLAN Configuration

Create VLAN Database Entry

Switch>en
Switch#vlan database
Switch (vlan)#vlan 100 name test
Switch (vlan)#exit
Switch#

VLAN Database Show Commands: From the enable prompt, enter “vlan database”.

“show changes”: Shows the changes to the database since modification began (or since reset).
“show current”: Shows the database installed when modification began.
“show proposed”: Shows the database as it would be modified if applied.


Router Configuration

interface FastEthernet0/0
 description Trunk to Switch
 no ip address
 duplex full

interface FastEthernet0/0.1
 description VLAN 100
 encapsulation dot1Q 100
 ip address 148.30.1.1 255.255.255.240

interface FastEthernet0/0.2
 description VLAN 200
 encapsulation dot1Q 200
 ip address 148.30.1.17 255.255.255.240

Create Sub-Interfaces on Router Fast-Ethernet Port

Cisco IOS software has a configuration feature called subinterfaces that creates a logical subdivision of a physical interface. Subinterfaces allow the router to have multiple IP addresses associated with one physical interface. A router can treat each subinterface as if it were an individual link, and each subinterface is assigned a different IP address from its associated subnet. In the example above, interface FastEthernet 0/0 has been subdivided into three subinterfaces (note the interface FastEthernet 0/0.1). Each subinterface receives its own configuration for which subnet it belongs to as well as which encapsulation method to use. The physical interface FastEthernet 0/0 is simply administratively enabled by issuing the command “no shutdown”.


Router Switchport Configuration

interface VLAN 58
 description voice VLAN
 ip address 148.30.1.1 255.255.255.240

interface VLAN 59
 description data VLAN
 ip address 148.30.1.17 255.255.255.240

interface VLAN 60
 description server VLAN
 ip address 148.30.1.33 255.255.255.240

Create VLAN Interface on Router with Switchport Module

With switchport modules for routers now widely available, there is an additional configuration option. Rather than creating subinterfaces for each VLAN on a router and then configuring the trunking to the switch, it is now possible to assign an IP address directly to the VLAN on the router. Assigning this IP address, then assigning the VLAN to a port on the module, eliminates the need for an additional device to provide network services to end users. Configuring a router with switchports is, in effect, the same as configuring multiple IPs on a switch. Once the IPs are set and the VLANs are assigned to ports on the switching interface, those subnets are active.


VLAN Configuration

To assign ports to the VLAN:

Switch>en
Switch#config t
Switch (config)#interface fastethernet 0/1
Switch (config-if)#switchport access vlan 100
Switch (config-if)#ctl z
Switch#

VLAN Configuration Range CMD

Switch>en
Switch#config t
Switch (config)#interface range fastethernet 0/1 - 3 , 0/9 - 12
Switch (config-if-range)#switchport access vlan 100
Switch (config-if-range)#no shut
Switch (config-if-range)#ctl z
Switch#

[Slide callout: Spaces]


Trunk Configuration

Switch>en
Switch#config t
Switch (config)#interface fastethernet 0/1
Switch (config-if)#switchport mode trunk
Switch (config-if)#switchport trunk allowed vlan remove 2-1001
Switch (config-if)#no shut
Switch (config-if)#ctl z
Switch#

By default a trunk link carries all the VLANs that exist on the switch. You can elect to selectively remove and add VLANs from a trunk link. To specify which VLANs are to be added or removed from a trunk link use the above command.

By default, a trunk link carries all the VLANs that exist on the switch. This is because all VLANs are active on a trunk link; as long as the VLAN is in the switch's local database, traffic for that VLAN is carried across the trunks. You can selectively remove and add VLANs from a trunk link. To specify which VLANs are to be added or removed from a trunk link, use the following commands.

(Optional) Manually remove VLANs from a trunk link. From interface configuration mode:

Switch (config-if)#switchport trunk allowed vlan remove vlanlist

(in the example above the vlanlist is 2-1001)

VLANs specified in the vlanlist field of this command are not allowed to travel across the trunk link until they are added back to the trunk using the command switchport trunk allowed vlan add vlanlist.
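The effect of the allowed-VLAN commands described above, worked through as an added Python example (not part of the course material). It assumes a new trunk allows VLANs 1-4094; the function names, the VLAN database and the intended VLAN list are constructed for illustration.

```python
"""Model how 'switchport trunk allowed vlan' commands change what a trunk carries.

Added illustration: function names and sample data are constructed.
Assumption: a new trunk allows VLANs 1-4094 until told otherwise.
"""

ALL_VLANS = frozenset(range(1, 4095))      # assumed default allowed list
PREFIX = "switchport trunk allowed vlan"


def parse_vlan_list(text):
    """Turn a vlanlist such as '2-1001' or '58,59,100-102' into a set of ints."""
    vlans = set()
    for part in text.replace(" ", "").split(","):
        if not part:
            continue
        low, _, high = part.partition("-")
        first, last = int(low), int(high or low)
        if not 1 <= first <= last <= 4094:
            raise ValueError(f"bad VLAN range: {part!r}")
        vlans.update(range(first, last + 1))
    return vlans


def allowed_after(commands):
    """Apply interface commands in the order typed; return the allowed VLAN set."""
    allowed = set(ALL_VLANS)
    for line in commands:
        line = " ".join(line.lower().split())
        if not line.startswith(PREFIX):
            continue                        # 'switchport mode trunk', 'no shut', ...
        action, _, rest = line[len(PREFIX):].strip().partition(" ")
        if not action:
            continue                        # incomplete command, nothing to apply
        if action == "remove":
            allowed -= parse_vlan_list(rest)
        elif action == "add":
            allowed |= parse_vlan_list(rest)
        elif action == "except":
            allowed = set(ALL_VLANS) - parse_vlan_list(rest)
        elif action == "all":
            allowed = set(ALL_VLANS)
        elif action == "none":
            allowed = set()
        else:                               # a bare list replaces the allowed set
            allowed = parse_vlan_list(action + rest)
    return allowed


def audit_trunk(commands, vlan_database, intended):
    """Compare what the trunk carries with what it is meant to carry."""
    # Only VLANs that exist in the local database are actually carried.
    carried = allowed_after(commands) & set(vlan_database)
    return {
        "carried": sorted(carried),
        "unexpected": sorted(carried - set(intended)),
        "missing": sorted(set(intended) - carried),
    }


# Constructed sample: VLANs in the local database and the two the trunk should carry.
VLAN_DATABASE = {1, 58, 59, 100, 200}
INTENDED = {58, 59}
TRUNK_STEPS = [
    ["switchport mode trunk"],
    ["switchport mode trunk", "switchport trunk allowed vlan remove 2-1001"],
    ["switchport mode trunk", "switchport trunk allowed vlan remove 2-1001",
     "switchport trunk allowed vlan add 58,59"],
]

if __name__ == "__main__":
    for commands in TRUNK_STEPS:
        print(commands[-1], "->", audit_trunk(commands, VLAN_DATABASE, INTENDED))
```

After "remove 2-1001" the trunk in this model still carries VLAN 1, and the user VLANs only return once they are added back explicitly.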


Lab – VLAN Configuration

1. Configure 2811 for VLANs 58 & 59.
2. Assign IP addresses as shown on network diagram.
3. Assign ports FA1/0 – 7 for VLAN 58.
4. Assign ports FA1/8 – 15 for VLAN 59.
5. Set laptop addresses to each VLAN and verify operations.


Show Commands

Description: Displays the administrative and operational status of all interfaces or a specified interface.
Switchport Module: show Interface
2950 Switch: show Interface

Description: Displays the parameters for a specified configured VLAN.
Switchport Module: show vlan-switch id vlan-id
2950 Switch: show vlan id vlan-id

Description: Displays the parameters for all configured VLANs.
Switchport Module: show vlan-switch
2950 Switch: show vlan


VTP (VLAN Trunking Protocol)

[Figure: VTP domain with switches SW 1, SW 2 and SW 3; one VTP server and two VTP clients; label: VTP Database Change]

VLAN Trunking Protocol (VTP) is a Cisco Layer 2 messaging protocol that manages the addition, deletion, and renaming of VLANs on a network-wide basis. Virtual Local Area Network (VLAN) Trunk Protocol (VTP) reduces administration in a switched network. When you configure a new VLAN on one VTP server, the VLAN is distributed through all switches in the domain. This reduces the need to configure the same VLAN everywhere. VTP is a Cisco-proprietary protocol that is available on most of the Cisco Catalyst Family products. VTP sends messages between trunked switches to maintain VLANs on these switches in order to properly trunk. VTP is a Cisco proprietary method of managing VLANs between switches and runs across any type of trunking mechanism. VTP messages are exchanged between switches within a common VTP domain. VTP domains must be defined or VTP disabled before a VLAN can be created. Exchanges of VTP information can be controlled by passwords. VTP manages only VLANs 2 through 1002.


VTP allows switches to synchronize their VLANs based on a configuration revision number. The highest revision number over-writes lower revision number VLAN databases. Each time you exit VLAN Database mode, the revision number is increased by one. CAUTION: Offline switches can have high revision numbers if technicians have exited VLAN Database mode repeatedly. Ensure off-line VLAN database revision numbers are lower than the on-line VLAN database revision numbers before bringing a switch on line. Switches can operate in one of three VTP modes: server, transparent, or client. VTP can prune unneeded VLANs from trunk links.


VTP Modes

[Figure: switches SW 1, SW 2 and SW 3]

VTP Server

Can make changes to database and will distribute to all others in domain

VTP Transparent

VLAN info configured here affects only local switch. Domain VTP information is forwarded but not implemented

VTP Client

Cannot make changes to database. Receives updates from server

VTP Server Mode

By default, Cisco switches are in VTP server mode. For a VTP server, you can create, modify or delete a VLAN in the local VLAN database. After you make this change, the VLAN database changes are propagated out to all other switches in server or client mode in the VTP domain. A server will also accept changes to the VLAN database from other switches in the domain.

VTP Client Mode

Switches in client mode cannot create, modify, or delete VLANs in the local VLAN database. Instead, they rely on other switches in the domain to update them about new VLANs. Clients will synchronize their databases, but they will not save the VLAN information and will lose this information if they are powered off. Clients will advertise information about their database and forward VTP information to other switches.

VTP Transparent Mode

Transparent mode works much like server mode in that you can create, delete, or modify VLANs in the local VLAN database. The difference is that these changes are not propagated to other switches. In addition, the local database does not accept modifications from other switches. VTP transparent mode switches forward or relay information between other server or client switches.


VTP Configuration Example

Switch>en
Switch#config t
Switch (config)#vtp mode [ server | client | transparent ]
Switch (config)#vtp domain domain-name
Switch (config)#vtp password password
Switch (config)#ctl z
Switch#

When using the vtp domain “domain-name” command, “domain-name” is case sensitive. For example, if one switch is in the Cisco VTP domain and the other is in the Cisco domain, they will not share VLAN databases. The “show vtp status” command displays general information about the VLAN Trunking Protocol (VTP) management domain, status, and counters.
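The revision-number caution and the case-sensitive domain name can be checked before a switch is brought on line. The following Python sketch is an added example, not part of the course material; the function names, verdict strings and the "show vtp status" excerpts are constructed, and only three fields of the command output are read.

```python
"""Pre-connection check for a switch that has been off line, from 'show vtp status'.

Added illustration: function names, verdict strings and sample data are
constructed. Only three fields of the command output are read.
"""

REQUIRED = ("VTP Domain Name", "VTP Operating Mode", "Configuration Revision")


def parse_vtp_status(text):
    """Pick domain, mode and configuration revision out of 'show vtp status'."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    missing = [name for name in REQUIRED if name not in fields]
    if missing:
        raise ValueError(f"fields not found in output: {missing}")
    return {
        "domain": fields["VTP Domain Name"],
        "mode": fields["VTP Operating Mode"].lower(),
        "revision": int(fields["Configuration Revision"]),
    }


def connect_verdict(offline_text, online_text):
    """Return (verdict, reason) for connecting the off-line switch to the domain."""
    off = parse_vtp_status(offline_text)
    on = parse_vtp_status(online_text)
    if off["mode"] == "transparent":
        return "ok", "transparent mode: local changes are not propagated or overwritten"
    if not off["domain"]:
        return "review", "no VTP domain defined on the off-line switch"
    if off["domain"] != on["domain"]:          # the comparison is case sensitive
        if off["domain"].lower() == on["domain"].lower():
            return "no-sync", "domain names differ only by case; databases are not shared"
        return "no-sync", "different VTP domains; databases are not shared"
    # Servers and clients both advertise their database, so the mode does not
    # matter here: the off-line revision has to be lower than the on-line one.
    if off["revision"] >= on["revision"]:
        return "block", (f"off-line revision {off['revision']} is not lower "
                         f"than on-line revision {on['revision']}")
    return "ok", "off-line revision is lower than the on-line revision"


def sample_status(domain, mode, revision):
    """Constructed 'show vtp status' excerpt for the demonstration."""
    return (
        "VTP Version                     : 2\n"
        f"Configuration Revision          : {revision}\n"
        f"VTP Operating Mode              : {mode}\n"
        f"VTP Domain Name                 : {domain}\n"
    )


ONLINE = sample_status("JNN", "Server", 12)

if __name__ == "__main__":
    for domain, mode, revision in [("JNN", "Client", 47), ("jnn", "Server", 47),
                                   ("JNN", "Transparent", 47), ("JNN", "Server", 3)]:
        verdict = connect_verdict(sample_status(domain, mode, revision), ONLINE)
        print(domain, mode, revision, "->", verdict)
```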


Voice Overview


[Figure: network diagram. Hub, two JNNs and four Bn CPNs w/CME (BCT 1 and BCT 2), connected by TDMA, FDMA serial and Ethernet links. Device labels follow.]

Hub UHN_66030_ST2R
LO0 22.230.0.6
FA0/0 172.20.254.1/29
TU6605 172.21.78.1/25
TU6607 172.21.79.1/25
VLAN 58 22.230.2.254/24
VLAN 59 22.230.3.254/24

DMAIN – OSPF Area 0
22.230.0.0/19

OSPF Area 1
22.230.32.0/19

JNN_66050_ST2R
LO0 22.230.32.2/32
FA0/0 172.20.78.9/29
TU6605 172.21.78.8/25
VLAN 58 22.230.35.126/26
VLAN 59 22.230.34.62/27

BCP_66052_ST2R
LO0 22.230.32.9
FA0/0 172.20.78.17/29
TU6605 172.21.78.16/25
VLAN 58 22.230.40.254/27
VLAN 59 22.230.40.62/27

BCP_66053_ST2R
LO0 22.230.32.10
FA0/0 172.20.78.25/29
TU6605 172.21.78.24/25
VLAN 58 22.230.44.254/27
VLAN 59 22.230.44.62/27

UA 2 – OSPF Area 2
22.230.64.0/19

BCP_66072_ST2R
LO0 22.230.64.9
FA0/0 172.20.79.17/29
TU6607 172.21.79.16/25
VLAN 58 22.230.72.254/27
VLAN 59 22.230.72.62/27

BCP_66073_ST2R
LO0 22.230.64.10
FA0/0 172.20.79.25/29
TU6607 172.21.79.24/25
VLAN 58 22.230.76.254/27
VLAN 59 22.230.76.62/27

JNN_66070_ST2R
LO0 22.230.64.2
FA0/0 172.20.79.9/29
TU6607 172.21.79.8/25
VLAN 58 22.230.67.126/26
VLAN 59 22.230.66.62/27


Packet vs. Circuit-Switched

• More efficient use of bandwidth and equipment.
• Lower transmission costs.
• IP is connectionless (RTP).
• Allows for prioritization of traffic.

While it used to be true that the savings created by using VoIP instead of traditional long distance justified its implementation, it is not necessarily the only, or the best reason to do so. Circuit-switched technology relied on a system that used 64k of bandwidth for every voice path, which can now be eliminated by many compression techniques. Organizations no longer require expensive multiplexing equipment (CSU/DSU) in order to benefit from multiple trunking. It also allows all technologies employed to converge into a single unified structure. This includes computers, phones, cell phones, and PDAs.


VoIP Network and Components

[Figure: VoIP network components: IP Backbone, PSTN, POTS, App. Server, PBX]

A single converged network includes many different elements. This includes the latest VoIP technology such as Cisco’s IP phones, Call Manager server and routers. This also includes the capability to connect to traditional analog PBX systems, if needed. The integration of all the various telephony allows the user to be on any media type and still be able to reach any other end user by simply dialing their 7 or 10 digit number.


Traditional Analog Signaling

Dual Tone Multi Frequency (DTMF)

Dual-tone multi-frequency (DTMF) signaling is used for telephone signaling over the line in the voice-frequency band to the call switching center. The version of DTMF used for telephone tone dialing is known by the trademarked term Touch-Tone, and is standardized by ITU-T Recommendation Q.23. A different version is used for signaling internal to the telephone network. DTMF is an example of a multifrequency shift keying (MFSK) system. Today DTMF is used for most call setup to the telephone exchange, at least in developed regions of the world, and trunk signaling is now done out of band using the SS7 signaling system. The in band trunk signaling tones were different from the DTMF tones known as Touch-Tone, with a two out of six code being used rather than a square matrix. The DTMF keypad is laid out in a 4×4 matrix, with each row representing a low frequency, and each column representing a high frequency. Pressing a single key such as '1' will send a sinusoidal tone of the two frequencies 697 and 1209 hertz (Hz). The two tones are the reason for calling it multifrequency. These tones are then decoded by the switching center in order to determine which key was pressed. The tone frequencies, as defined by the Precise Tone Plan, are selected such that harmonics and intermodulation products will not cause an unreliable signal.


No frequency is a multiple of another, the difference between any two frequencies does not equal any of the frequencies, and the sum of any two frequencies does not equal any of the frequencies. The frequencies were initially designed with a ratio of 21/19, which is slightly less than a whole tone. The frequencies may not vary more than ±1.5% from their nominal frequency, or the switching center will ignore the signal. The high frequencies may be the same volume as, or louder than, the low frequencies when sent across the line. The loudness difference between the high and low frequencies can be as large as 3 decibels (dB) and is referred to as "twist".
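How a switching center can decide which key was pressed, as an added Python example that is not part of the course material. It generates the two-tone signal for a key and decodes it with the Goertzel algorithm, applying the 3 dB twist limit from the text; the keypad frequencies other than 697 Hz and 1209 Hz are the standard DTMF values, and the sample rate, tone length and margins are assumptions.

```python
"""Generate and decode DTMF keys with the Goertzel algorithm.

Added illustration: names are constructed. The 697 Hz + 1209 Hz pair for '1'
and the 3 dB twist limit come from the text; the other keypad frequencies are
the standard DTMF values. Sample rate, tone length and margins are assumptions.
The +/-1.5% frequency tolerance is not modelled.
"""
import math

ROWS = (697, 770, 852, 941)           # low group: one frequency per keypad row
COLS = (1209, 1336, 1477, 1633)       # high group: one frequency per keypad column
KEYPAD = ("123A", "456B", "789C", "*0#D")
RATE = 8000                           # samples per second (assumed)
MAX_TWIST_DB = 3.0                    # high tone may be up to 3 dB louder
MARGIN_DB = 1.0                       # measurement slack (assumed)
DOMINANCE = 10.0                      # winner must carry 10x the runner-up's power


def make_tone(key, twist_db=0.0, seconds=0.1):
    """Return samples of the low + high tone pair for one key."""
    row = next(i for i, keys in enumerate(KEYPAD) if key in keys)
    col = KEYPAD[row].index(key)
    gain = 10 ** (twist_db / 20)      # amplitude ratio of high tone to low tone
    return [math.sin(2 * math.pi * ROWS[row] * n / RATE)
            + gain * math.sin(2 * math.pi * COLS[col] * n / RATE)
            for n in range(int(RATE * seconds))]


def goertzel_power(samples, freq):
    """Signal power at one frequency (squared magnitude of the DFT at freq)."""
    coeff = 2 * math.cos(2 * math.pi * freq / RATE)
    s1 = s2 = 0.0
    for x in samples:
        s1, s2 = x + coeff * s1 - s2, s1
    return s1 * s1 + s2 * s2 - coeff * s1 * s2


def decode(samples):
    """Return the key for a clean DTMF burst, or None if the signal is rejected."""
    low = [goertzel_power(samples, f) for f in ROWS]
    high = [goertzel_power(samples, f) for f in COLS]
    r = max(range(4), key=low.__getitem__)
    c = max(range(4), key=high.__getitem__)
    if low[r] <= 0.0 or high[c] <= 0.0:
        return None                                   # silence
    # Each group must contain exactly one dominant tone.
    for powers, best in ((low, r), (high, c)):
        runner_up = max(p for i, p in enumerate(powers) if i != best)
        if powers[best] < DOMINANCE * runner_up:
            return None
    # Twist: the high tone may be equal to or louder than the low tone, up to 3 dB.
    twist = 10 * math.log10(high[c] / low[r])
    if not -MARGIN_DB <= twist <= MAX_TWIST_DB + MARGIN_DB:
        return None
    return KEYPAD[r][c]


if __name__ == "__main__":
    for key in "1590#D":
        print(key, "->", decode(make_tone(key, twist_db=2.0)))
    print("8 dB twist ->", decode(make_tone("1", twist_db=8.0)))
```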


Analog Signaling

• Supervisory Signaling
  • On-hook
  • Off-hook
  • Ringing

• Address Signaling
  • Tone Dialing
  • Pulse Dialing

• Informational Signaling
  • Dial Tone
  • Busy Tone
  • Ringback
  • Congestion
  • Reorder
  • Receiver Off-hook
  • No Such Number
  • Confirmation Tone

The signaling between the subscriber switches and the telephony service providers can be identified as follows:

Supervisory Signaling - electrical voltages and tones that can be heard are used to signify call status as follows:

On-hook - produces an open circuit, which does not allow any signaling; only the ringer can operate.

Off-hook - lifting the handset closes the circuit and allows the telephone switch to send an audible dial tone to the receiver.

Ringing - the switch sends a ringing voltage to the destination telephone as notification of an incoming call. In addition, an audible ringing tone is sent to the caller's telephone to indicate that the call is progressing. This tone takes the form of a pattern called Cadence. In Europe this Cadence takes the form of a double ring (duration of 0.4s separated by 0.2s) followed by two seconds of silence, whereas in the US it takes the form of two seconds of ring followed by four seconds of silence.

Address Signaling - there are two types of dialing:


1. Pulse Dialing - this is the original form of dialing a number. The telephone has a rotary dial mounted on a spring that returns the dial to its original position after it is turned. The switch identifies each number by how many makes and breaks are made of the local loop. The ratio of make to break must be 40%:60%. The number of make/break cycles corresponds to the number being dialed. Each position on the rotary dial corresponds to a different number. Typically, the cam that causes the makes and breaks will give 10-20 pulses a second.

2. Tone Dialing - Now more commonly used is the Dual Tone Multi-Frequency (DTMF) method that uses the concept of the keypad where each key position is represented by two tones. Each row is assigned a different low frequency whilst each column is assigned a different high frequency.

When a key is pressed, two tones are sent to the telephone company, a low frequency tone and a high frequency tone, which identify the key being pressed in much the same way X and Y co-ordinates identify a point on a graph.

Informational Signaling - The following tones are used to describe the call progress:

Dial Tone - (Continuous 350Hz + 440Hz) indicates that the switch is ready to receive digits.
Busy Tone - (480Hz + 620Hz, 0.5s on and 0.5s off) indicates that the other end is busy.
Line Ring Back - (440Hz + 480Hz, 2s on and 4s off) means that the telephone company is in the process of completing a call on behalf of the caller.
PBX Ring Back - (440Hz + 480Hz, 1s on and 3s off) means that the switch is in the process of completing a call on behalf of the caller.
Congestion - (480Hz + 620Hz, 0.2s on and 0.3s off) means that there is congestion in the network along the path so that the call cannot be set up.
Reorder - (480Hz + 620Hz, 0.3s on and 0.2s off) means that all the circuits are busy on the local switch.
Receiver Off Hook - (1400Hz + 2060Hz + 2450Hz + 2600Hz, 0.1s on and 0.1s off) means that the other end has left the receiver off the hook.
No Such Number - (Continuous 200Hz + 400Hz) means that the dialed number does not exist.
Confirmation Tone - (Noise at a frequency of 1Hz sounds like a slow rasping noise) means that the call setup is being attempted.


Analog Interfaces

• FXS – Foreign Exchange Station
  • Analog Phones
  • Fax Machines

• FXO – Foreign Exchange Office
  • Trunking to Central Office

• T-1/E-1
  • Multiplexed, digital trunking

The most common analog interfaces used in the Cisco suite of routers are FXO and FXS cards. These utilize an industry-wide standard that allows for the interface of traditional analog phones, fax machines, and connections to a Central Office switching system. While T-1/E-1 cards are not purely analog, they do fall under the POTS selection of interfaces. They provide the analog to digital conversion as well as the multiplexing and distant end signaling that is required.


FXS Interface

• FXS interface connects analog edge devices, such as telephone or fax.

The Foreign Exchange Station (FXS) interface provides an analog connection to a Group 3 fax or analogue phone. The FXS interface imitates a switch and provides power, ring voltage and dial tone just as a PBX telephone port would. The trunk side of a Key system or lines going to the CO switch from a PBX would use an FXS port. Normally, an FXS port used for an analogue phone would be set to Loop Start signaling, whereas if a Key System or PBX is connected, Ground Start signaling would be preferred (see later for signaling). The Call Progress Tone is country dependent and includes the dial tone, busy tone and the ring back tone. The Cadence is also country dependent and defines how the ringing voltage is sent when a call is required; in the UK this is one short ring followed by a longer ring.


FXO Interface

[Figure: FXO connections to the PSTN, a PBX and the CO]

• FXO interface connects to the PSTN or station side of a switch.
• T1 is a digital interface that provides up to 24 channels for voice.

The Foreign Exchange Office (FXO) interface allows you to make an analogue connection to a remote switch, either a CO switch in the PSTN or a remote PBX. The switch sees the FXO interface as a telephone, and so an FXO port connects to the station side of the PBX. N.B. This is different from an FXS interface, which expects a telephone to be connected TO it, i.e. it needs a dial tone. The FXO interface provides pulse or tone dialing. This means that you can connect between an FXS interface and an FXO interface, thereby providing a Foreign Exchange (FX) Trunk. This allows you to set up a long distance extension for a local phone line (called an Off-Premises Extension or OPX). The signaling method used is normally Ground Start. You also configure the number of rings before the FXO port answers a call; this allows you to redirect calls on a router after four rings if you do not answer it. The FXO port should also be configured for the dial type (pulse or DTMF) for outbound dialing. FXO ports should be able to support Supervisory Disconnect, where the port can detect the 350ms drop in power from a connected switch and interpret this as a call disconnect.


Dial-Peer Interface Types

POTS
• FXS
• FXO
• T1

VoIP
• IP
• ISDN
• Frame Relay
• ATM

Voice ports on routers and access servers emulate physical telephony switch connections so that voice calls and their associated signaling can be transferred intact between a packet network and a circuit-switched network or device. For a voice call to occur, certain information must be passed between the telephony devices at either end of the call, such as the devices' on-hook status, the line's availability, and whether an incoming call is trying to reach a device. This information is referred to as signaling, and to process it properly, the devices at both ends of the call segment (that is, those directly connected to each other) must use the same type of signaling. The devices in the packet network must be configured to convey signaling information in a way that the circuit-switched network can understand. They must also be able to understand signaling information received from the circuit-switched network. This is accomplished by installing appropriate voice hardware in the router or access server and by configuring the voice ports that connect to telephony devices or the circuit-switched network.


Dial-Peer Call Legs

[Figure: call legs across the IP cloud. Originating gateway: Call Leg 1 (POTS) and Call Leg 2 (VoIP). Terminating gateway: Call Leg 3 (VoIP) and Call Leg 4 (POTS). Each leg is labeled inbound or outbound.]

For inbound calls from a plain old telephone service (POTS) interface that are destined for the packet network, the originating router/gateway matches an inbound POTS dial peer for the inbound call leg first. Next, the originating router/gateway creates an outbound Voice-Network dial peer such as Voice over IP (VoIP) or for the outbound call leg. After this, the router/gateway bridges the two call legs.

For inbound calls from a Voice Network interface that are destined for a POTS interface, the terminating router/gateway matches an inbound Voice Network dial peer for the inbound call leg. Next, an outbound POTS dial peer is created for the outbound call leg.


POTS Dial Peers

[Figure: Router 1 with Dial Peer 1, Voice Port 1/0/0, telephone number 6605198]

Router# config t
Router (config)# dial-peer voice 1 pots
Router (config-dial-peer)# destination-pattern 6605198
Router (config-dial-peer)# port 1/0/0
Router (config-dial-peer)# end

Configuration for Dial-Peer 1 on Router 1

POTS (Plain Old Telephone Service) dial-peers are some of the simplest to configure. Upon installing an FXS module into a voice-capable router, the interface immediately provides dial tone to any device connected to it and can accept digits. To allow the device to be called, a dial-peer consisting of the 7-digit destination pattern and port address needs to be configured.


Dial-peer Options - POTS

• application
• port
• digit-strip
• direct-inward-dial
• forward-digits
• max-conn
• preference
• translate-outgoing

When creating voice dial-peers, you must select whether it will be type POTS or VoIP. Depending on which one is chosen, a different set of configuration options is available. POTS dial peers define the characteristics of a traditional telephony network connection. POTS dial peers map a dialed string to a specific voice port on the local router, normally the voice port connecting the router to the local PSTN, PBX, or telephone.

Application – Invokes a variety of applications when a call is received on a port. In the case of Call Manager, you use application MGCPAPP to enable MGCP on a port. The default is the session application.

Port – Maps the dial peer to a specific logical interface.

Digit-strip – Strips all explicitly matched digits on a POTS dial peer. The default is enabled. You can disable this using the command no digit-strip.

Direct-Inward-Dial – Enables the Direct Inward Dialing (DID) call treatment for the incoming called number.

Forward-digits – Configures the digit-forwarding method used by the dial peer. The valid range for the number of digits forwarded (num-digit) is 0 through 32.


Max-conn – Specifies the maximum number of allowed connections to and from the POTS dial peer. The valid range is 1 through 2147483647.

Preference – Configures a preference for the POTS dial peer. The valid range is 0 through 10, where the lower the number, the higher the preference. Commonly used for multiple dial peers with matching destination patterns.

Translate-outgoing – Specifies a defined translation profile to be utilized on this dial-peer. This allows more flexibility in shaping the digits sent on outbound calls.


POTS – Dial-Peer 0

• Default, non-configurable
• No application
• No direct inward dial

Dial-peer 0 has a default configuration that cannot be changed. The default dial-peer 0 fails to negotiate non-default capabilities, services, and applications.


Destination-Pattern Formatting

• Period (.) single digit match

• Comma (,) pause during dial

• Brackets ([ ]) which indicate a range

• (T) any length match

• .T matches all dial strings

Within a voice-enabled router configuration, there are special characters established to match certain digits, spaces, or wildcard matches.

• Period (.), which matches any single digit (wildcard).
• Comma (,), which inserts a pause between digits.
• Brackets ([ ]), which indicate a range. A range is a sequence of characters enclosed in the brackets; only numeric characters from 0 to 9 are allowed.
• (T) is a control character indicating that the destination-pattern is a variable-length dial string.

Note: a (.T) pattern is used as a catch-all in a CPN configuration, usually pointing to the HUB.


Digit Collection

The router collects digits, one at a time, until it can match an outbound dial-peer.

After a match is made, the router immediately places a call.

No further digits are collected.

First example:

dial-peer voice 1 pots
 destination-pattern 6605
 port 0/3/0

dial-peer voice 2 pots
 destination-pattern 6605198
 port 0/3/0

Dial-peer 1 will match first. Only the collected digits of 6605 will be forwarded.

Second example:

dial-peer voice 1 pots
 destination-pattern 6605...
 port 0/3/0

dial-peer voice 2 pots
 destination-pattern 6605198
 port 0/3/0

Dial-peer 2 will match first. Collected digits of 6605198 will be forwarded.

When digits are accepted by the router, they are immediately matched against configured dial peers. Care must be taken to configure the destination patterns accurately, as not doing so can lead to unintended results. In the first example, two dial peers are on a router, both beginning with “6605”. Because dial-peer 1 is a four digit specific match, it will never allow the second dial-peer to be selected. The router will always select dial-peer 1 after the fourth digit is dialed. In the second example, both dial-peers are valid for the numbers entered; however, because dial-peer 2 is a more specific match, it will be selected.


POTS Digit Forwarding

• By default, POTS dial peers consume explicit-matched digits.

• Disable with no digit-strip command.

Example 1 (default digit stripping):

dial-peer voice 1 pots
 destination-pattern 6605...
 port 0/3/0:1

Dialed digits of 6605198: only digits of 198 are forwarded.

Example 2 (digit stripping disabled):

dial-peer voice 1 pots
 destination-pattern 6605...
 no digit-strip
 port 0/3/0:1

Dialed digits of 6605198: all 7 digits will be forwarded.

When using POTS interfaces, which require dial-peers configured as POTS types, it is important to remember that by default, any specifically matched digits are automatically stripped and NOT forwarded out the selected port. To disable this function, you may enter the “no digit-strip” command as shown in the second example.
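The digit-collection and digit-strip rules from the two sections above, modelled in Python as an added example (not Cisco code and not part of the original course material). It assumes patterns contain only digits and the period wildcard and ignores timers, T, brackets and commas; the class and function names are hypothetical, and shadowed() additionally flags a dial-peer that can never be selected, as in the first Digit Collection example.

```python
"""Simplified model of outbound POTS dial-peer selection (added example)."""
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class PotsDialPeer:
    tag: int
    pattern: str              # destination-pattern: digits and '.' only
    port: str
    digit_strip: bool = True  # default: explicitly matched digits are consumed

    def __post_init__(self):
        # T, brackets and commas are outside the scope of this model.
        if not self.pattern or any(c not in "0123456789." for c in self.pattern):
            raise ValueError(f"unsupported destination-pattern: {self.pattern!r}")


def matches(pattern: str, digits: str) -> bool:
    """True when the collected digits satisfy the whole pattern."""
    return len(pattern) == len(digits) and all(
        p in (".", d) for p, d in zip(pattern, digits))


def explicit_digits(pattern: str) -> int:
    """Number of literal (non-wildcard) positions; more means more specific."""
    return sum(ch != "." for ch in pattern)


def collect(dialed: str, peers: List[PotsDialPeer]
            ) -> Tuple[Optional[PotsDialPeer], str]:
    """Collect one digit at a time and stop at the first complete match.

    When several peers match the same collected digits, the one with the
    most explicit digits wins. Digits dialed after the match are ignored.
    """
    collected = ""
    for digit in dialed:
        collected += digit
        hits = [p for p in peers if matches(p.pattern, collected)]
        if hits:
            best = max(hits, key=lambda p: explicit_digits(p.pattern))
            return best, collected
    return None, collected


def forwarded(peer: PotsDialPeer, collected: str) -> str:
    """Digits sent out the port: wildcard-matched digits only, unless
    'no digit-strip' is configured, in which case all collected digits."""
    if not peer.digit_strip:
        return collected
    return "".join(d for p, d in zip(peer.pattern, collected) if p == ".")


def shadowed(peers: List[PotsDialPeer]) -> List[Tuple[int, int]]:
    """Return (hidden_tag, hiding_tag) pairs.

    A peer is hidden when a shorter pattern matches a prefix of every
    number it could match, so collection always stops at the shorter one.
    """
    pairs = []
    for long_peer in peers:
        for short_peer in peers:
            if len(short_peer.pattern) < len(long_peer.pattern) and all(
                    s == "." or s == l
                    for s, l in zip(short_peer.pattern, long_peer.pattern)):
                pairs.append((long_peer.tag, short_peer.tag))
    return pairs


if __name__ == "__main__":
    # Constructed input: the first Digit Collection example from the text.
    example = [PotsDialPeer(1, "6605", "0/3/0"),
               PotsDialPeer(2, "6605198", "0/3/0")]
    peer, digits = collect("6605198", example)
    print("selected dial-peer", peer.tag, "after collecting", digits)
    print("unreachable peers (hidden, hiding):", shadowed(example))
```

Running shadowed() over a router's POTS dial-peers before deployment catches the first example's mistake without placing a test call.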


Cisco Local Dialing - FXS

dial-peer voice 1 pots
 destination-pattern 6605199
 port 0/1/1

dial-peer voice 2 pots
 destination-pattern 6605198
 port 0/1/0

When more than one analog device is connected locally to a router, it is possible for each phone to call the other with the configuration of two POTS dial-peers.


POTS Dial-Peer Lab 1

1. Connect 2 phones to a single FXS module.
2. Configure dial-peers for each.
3. Use numbers <team label>01 & <team label>02.**

** Ex. 6605098 & 6605099

Create 2 dial-peers, one for each phone and verify that they can call each other. Utilize the given 7 digit-numbering plan for local phones.


H.323 Protocol Suite

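[Figure: H.323 protocol stack. Audio apps (G.711, G.729, G.723.1) and video apps (H.261, H.263) run over RTP and RTCP; the terminal call manager uses H.225 RAS, H.225 call signaling and H.245 control signaling; T.120 carries data. All sit on the transport protocols and network interface.]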

H.323 terminals must support the following:

• H.245 for exchanging terminal capabilities and creation of media channels.

• H.225 for call signaling and call setup.
• RAS for registration and other admission control with a gatekeeper.
• RTP/RTCP for sequencing audio and video packets.

H.225 Registration, Admission, and Status (RAS)

Registration, admission, and status (RAS) is the protocol between endpoints (terminals and gateways) and gatekeepers. The RAS is used to perform registration, admission control, bandwidth changes, status, and disengage procedures between endpoints and gatekeepers. An RAS channel is used to exchange RAS messages. This signaling channel is opened between an endpoint and a gatekeeper prior to the establishment of any other channels.

H.225 Call Signaling

The H.225 call signaling is used to establish a connection between two H.323 endpoints. This is achieved by exchanging H.225 protocol messages on the call-signaling channel. The call-signaling channel is opened between two H.323 endpoints or between an endpoint and the gatekeeper.


H.245 Control Signaling

H.245 control signaling is used to exchange end-to-end control messages governing the operation of the H.323 endpoint. These control messages carry information related to the following:

• capabilities exchange
• opening and closing of logical channels used to carry media streams
• flow-control messages
• general commands and indications


H.323 Protocol Codecs

Audio Codecs
• Part of the H.323 protocol suite
• Able to potentially compress audio signals

Codecs defined by H.323 standards
• G.711 – voice
• G.722 – voice
• G.723 – video
• G.728 – voice
• G.729a&b – voice

In order for any audio or video to be transmitted across the IP network, it first must be converted to a digital format. Because converted audio streams can consume a significant amount of bandwidth, many of the audio codecs also provide a level of compression, which can considerably reduce the bandwidth that they consume. However, compression can cause degraded voice quality, which is why the different audio codecs offer different levels of compression. Most audio codecs fall within the H.323 protocol suite for VoIP. The following are common codecs found within the industry and their data rates with packet headers.

• G.711 – 90 kbps
• G.722 – 16 kbps
• G.723 – 6.3 kbps
• G.728 – 16 kbps
• G.729a&b – 9.6 kbps

The actual bandwidth requirements for each codec vary based on the media traversed, sample size and processing resources.


CODECs

• Conversion of audio to digital samples
• Cisco-supported CODECs

• G.711 – Consumes most bandwidth, but requires least processor resources

• G.729 – Consumes little bandwidth, but requires Digital Signal Processors to function

As explained in the preceding pages, there are a number of different CODECs that have been defined as standards. Cisco’s Call Manager and Call Manager Express suite of systems utilize just two for the Voice over IP implementation – G.711 and G.729. As explained above, the selection of CODEC really comes down to available processing resources. Implementing G.729 will require specialized equipment, namely DSP (Digital Signal Processor) chips. These are normally found in the routing or switching equipment that are found on the local LAN of the call processing equipment. If DSPs are unavailable, G.711 will most likely need to be used throughout the network.


Transcoding

[Figure: Cisco 2811 router with PVDM indicators, transcoding between a G.711 leg and a G.729 leg (G.711>G.729 and G.729>G.711).]

Transcoding is the process of converting between two different codecs or signal format types. Transcoding is done by the router with the use of PVDM (Packet Voice DSP Module) modules; these modules contain one or more DSPs (Digital Signal Processor). The number of DSPs is dependent on what type of PVDM module you have (Max 4) and the number of PVDM slots you have inside of your router (2811s have two). The PVDM modules also provide timeslots for T1 cards, media termination points, and transcoding. Each DSP can handle simultaneous transcoding sessions but conferencing requires the complete use of one DSP. NOTE: One Transcoding session equals one phone call.


Compression Techniques

• PCM – Pulse Code Modulation (G.711)
• ADPCM – Adaptive Differential PCM (G.726)
• CELP – Code-Excited Linear Predictive
• LDCELP – Low-Delay CELP (G.728)
• CS-ACELP – Conjugate Structure Algebraic CELP (G.729)

NOTE: The following notes were taken from www.rhyshaden.com/voice.htm

Waveform coders produce a non-linear approximation of the waveform. We have seen one form of voice compression called Pulse Code Modulation (PCM), which is a Waveform Compression Algorithm that just looks at the waveform irrespective of the voice patterns.

Another Waveform Algorithm is Adaptive Differential Pulse Code Modulation (ADPCM). ADPCM takes 8000 samples per second and uses for example, 4 bits for each of the 8000 samples (giving 8000 x 4 = 32kbps bandwidth requirement). This is called the Quantization Granularity. Using 4 bits means that there are 2^4 = 64 different bit values instead of 8 bits in standard PCM giving 256 values. Each bit value represents a change from the value of the previous sample, with the assumption that differences are never likely to be more than 4 bits change. Every so often, a full marker value is sent rather than just the differences from the previous sample. Using 4 bits instead of 8 bits means that ADPCM uses 32 Kbps so gives better use of bandwidth. The ITU designate this as compression standard G.726r32. Using 3 bits per sample is defined in G.726r24 and uses 24 Kbps of bandwidth whereas using 2 bits per sample is defined in G.726r16 and uses 16 Kbps. There is also a G.726r40.

The encoding delay is typically less than 1ms, which makes ADPCM very attractive, particularly in environments where there is Tandem Switching. The 'Adaptive' in ADPCM refers to the fact that the quantization granularity changes automatically depending on the Signal-to-Quantizing Noise Ratio (SQR). ADPCM dynamically reduces how many bits are used for sampling as the network becomes more congested, 40 Kbps -> 32 Kbps -> 24 Kbps -> 16 Kbps.


ADPCM gives very little delay (typically less than 1ms) even when conversion occurs to PCM and back to ADPCM.

Hybrid coding comes under the broad spectrum of Analysis by Synthesis (AbS) coding where analysis is continually performed on the speech and the algorithm attempts to predict the waveform in the near future (around 5ms). This occurs via a feedback loop and adds a little 5ms delay to the voice path. The most common form of this is Code Excited Linear Predictive (CELP) or Algebraic Code Excited Linear Prediction (ACELP). This can provide high quality voice reproduction at low bit rates.

With CELP, voice signals are compressed as follows: The 8-bit PCM signal is converted to a 16-bit linear PCM sample. The speech is analyzed and compressed with a vector quantizer. A Vector Quantizer Codebook is used to learn and predict the voice waveform. The codebook is a collection of human voice waveforms called Diphones that make up speech. The codebook has an index typically of 1024 entries (represented by 10 bits). There is also a gain value made up of 5 bits. This controls the power. The coder is initiated by white noise; the code assigned to each sound is the index of that sound within the codebook. The resultant code, or index, is sent to the far end for decoding back into the voice waveform using the code as an index and looking the sound up in the same codebook at the other end.

One version of CELP is called Low Delay Codebook Excited Linear Predictive (LDCELP) and is defined by G.728. LDCELP uses a small codebook and operates at 16 Kbps and there is no lookup thereby minimizing the delay to between 2 and 5ms, hence 'Low Delay'. A 10-bit codeword is assigned to every block of five speech samples. Four code words are grouped together into a sub-frame, which takes 2.5ms to encode, and two sub-frames are transmitted at a time 5ms per pair.

Another version of CELP is Conjugate Structure Algebraic CELP (CS-ACELP) and is defined in G.729. CS-ACELP has almost the same perceived level of quality as PCM and is at least as good as ADPCM at 32kbps. CS-ACELP operates at 8 Kbps of bandwidth and works by using sound pattern matching against multiple PCM bytes and 80-byte frames take 10ms to translate. CS-ACELP performs a 5ms look ahead to predict the next wave pattern plus it also reduces noise and does pitch-synthesis filtering. G.729 is able to model nuances and accents in human speech but requires about 20 MIPS of processing power.

G.729 has two variants. Annex A (G.729A) is less processor intensive (requires about 11 MIPS) and allows double the number of calls as plain G.729. Annex B (G.729B) adds Voice Activity Detection (VAD) and Comfort Noise Generation (CNG) which work together to reduce bandwidth used. You can combine Annex B with G.729A to give G.729AB. The G.729 variants can generally interoperate with each other.


H323/RTP/RTCP

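[Figure: two call paths. First example: audio at each analog handset, with RTP/RTCP traffic between two H323 gateways. Second example: audio at each end, with RTP/RTCP traffic between a CME router and an H323 gateway.]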

To complete the packet voice circuit, H323, RTP, and RTCP are utilized. Depending on the placement of analog to digital conversion systems, the packetized voice may traverse the entire length of the system or any portion thereof. In the first example above, the audio stream is of course played out in the handset of both analog receivers. The voice is digitized on both of the voice-enabled routers; normally an FXS card is the conversion point. The H323 & RTP streams originate and terminate at the same location – the voice-enabled routers. In the second example, one end of the call is replaced with a Call Manager Express router and Voice over IP phone. This allows the voice carrier to be digitized and broken into packets at the IP phone and at the destination router. For signaling however, SCCP is used between router and phone, and H.323 is used from router to router.


VoIP Dial Peers

[Figure: Router 1 (voice port 1/0/0, phone 6605198, Dial Peer 1) connected through an IP cloud to Router 2 (loopback address 22.230.64.2, phone 6607198), reached by Dial Peer 2.]

Router# config t
Router(config)# dial-peer voice 2 voip
Router(config-dial-peer)# destination-pattern 6607198
Router(config-dial-peer)# session target ipv4:22.230.64.2
Router(config-dial-peer)# codec g711ulaw
Router(config-dial-peer)# no vad
Router(config-dial-peer)# preference 1

Configuration for Dial-Peer 2 on Router 1

When two routers are reachable via IP, it is possible to use VoIP-based dial-peers to call out. In order to configure a VoIP dial-peer, the destination number (pattern) and IP address (session target) must be entered. Under normal circumstances, the rest of the configuration can be left at its defaults, which are adequate to establish connections. The above example reflects common settings used in the military tactical network.


Dial-peer Options - VoIP

• codec
• voice-class codec
• dtmf-relay
• session target
• ip qos
• max-conn
• translate-outgoing
• vad

There are several settings required upon selection of a dial peer of type VoIP.

• codec – Selects a single CODEC that may be used for this dial peer. By default, g.729r8 is used. The only other selection currently supported is g711ulaw.
• voice-class codec – Rather than selecting only a single CODEC as above, you may create a list of preferred codecs, as described on the following page.
• dtmf-relay – Allows you to choose which signaling format to use to pass DTMF through to the distant end.
• session target – Used to point the dial peer traffic to the distant end. The options used are ipv4 or dns, depending on whether your system supports DNS lookups.
• ip qos – Used to modify the QoS tag of the H.323 packets.
• max-conn – Same as the POTS version.
• translate-outgoing – Same as the POTS version.
• vad – Allows you to specify whether to use Voice Activity Detection, which allows the system to send “empty” RTP packets or to send RTP only when sound is detected.


Codec Preference

• Usage – Allows dial-peers to flexibly negotiate CODECs

• Application –

config t
voice class codec 1
 codec preference 1 g729r8
 codec preference 2 g711ulaw

dial-peer voice 1 voip
 no codec g711ulaw
 voice-class codec 1

This example allows the dial-peer to negotiate which CODEC to use for an incoming or outgoing VoIP call.


VOIP Dial-Peer 0

• Default, non-configurable
• Any supported codec
• No DTMF relay
• IP precedence 0
• VAD-enabled
• No RSVP support
• Fax-rate voice

When no match is made for an inbound VoIP call, then the default dial-peer 0 is used. It supports any CODEC that is supported by the platform (G711 or G729). It also enables VAD. Generally, it is undesirable to allow normal VoIP calls to utilize this dial-peer on a regular basis. For any expected inbound calls, there should be a dial-peer that is configured to match it.


VoIP Dial-Peer Lab 2

1. Connect at least one line to FXS module.
2. Create VOIP dial-peers for all other stations.
3. Experiment by trying different codecs (G711, G729).

Perform the following steps:

1. Ensure that at least one dial-peer is configured for POTS FXS dialing.
2. Create VOIP dial-peers for all other stations.
3. Start with G711ulaw as the codec and then change to different codecs after successful dialing. Without both ends specifying the same codec, the call should fail.
4. Enable the voice-class codec list including both G711 and G729; calls of either type should negotiate successfully and allow the call to proceed.


Analog to Digital Conversion

[Figure: Analog to Digital Sampling. Quantization of the analog waveform into 8-bit samples at 8000 samples per second.]

The Modern Telco digitizes speech using Pulse Code Modulation (PCM) on 64K (DS0) channels. 64 Kbps is considered to be Digital Signal Level 0. Each channel is sampled 8000 times/second according to Nyquist's Theorem, and incorporates 8 bits per sample (hence 8bits x 8000 giving 64,000 bits/sec). This figure of 8000 comes from the fact that the valuable range of telephone signals is 100Hz to 4kHz, and the sampling rate is twice that of the highest signal. The standard G.711 defines the Pulse Code Modulation (PCM) 64Kb/s voice channel. DS0 trunks make up the trunks around the digital network that can carry data or voice. For voice, the conversion to 2-wire analogue occurs at the switch closest to the user. Straight digital signals (bipolar) are used across these lines so no modem is required. A Channel Service Unit/Data Service Unit (CSU/DSU) provides the interface for the end user and converts the DTE's digital signals into the Synchronous digital signals used over the WAN. This allows any number of DS0 channels to be added or dropped from a multiplexed stream, such as a T-1 or E-1.


T-1 Multiplexing

• One frame = 24, 8 bit channels + 1 frame bit = 193 bits.

• SF “robs” 12 user bits for synchronization and CRC.
• ESF “robs” 24 user bits – more accurate CRC & signaling.

Framing

For the DS-1, also called T1, Time Division Multiplexing (TDM) is used to transport multiple channels over one line. Clocking of the serial transmission needs to occur at one end of the link or the other; sometimes you will see the clocking options as internal, i.e. provided by the local device, or line, meaning that the clock is provided by the remote device. Two pairs are used in a T1 link. The T1 link can operate in full-duplex mode where one pair transmits and the other pair receives. 24 channels are available for transmission and these are grouped together to form a Frame, i.e. the 24 time slots (8 bits each) plus one framing bit form one T1 frame (193 bits, the 193rd bit being the synchronization/framing bit). For 8000 samples a second, a T1 frame must be transmitted every 125 µsecs; we can therefore calculate the T1 line rate as 193 x 8000 = 1.544 Mbps (a DS0 line rate is 8 bits x 8000 = 64 Kbps).

The frames can also be grouped into 12 sequenced frames to form a Superframe (SF) (also called a D4), which means that 12 framing bits are used per SF. These 12 framing bits are also called F bits. They form the sequence 100011011100 and are used to sequence the SF within 4 frames. In one second, 8000 'F' bits are used for framing. This is encapsulated in the G.704 framing standard. A D4 contains 288 channels.

The frames could also be grouped into 24 to form the newer framing format called the Extended Superframe (ESF). The 8000 'F' bits are used differently in ESF where 2000 'F' bits are used for framing, 2000 are used for CRC-6 error checking and 4000 are used as a supervisory channel for things such as loopback and error reporting. An ESF contains 576 channels.

Channel Associated Signaling (CAS)

T1 signaling can take the form of CAS using Robbed Bit Signaling where bits are 'robbed' from the channels carrying the voice. This is called In-band Signaling. In the SF, the LSB is 'robbed' from each of the 24 x 8-bit timeslots in the 6th and the 12th frames. The A bit comes from the 6th frame timeslots whereas the B bit comes from the 12th frame timeslots. These 'robbed' bits are used for call supervision and trunk signaling in the voice environment, e.g. the 'A' bit is commonly used in the same way that the 'M' lead is used in E&M signaling, i.e. signaling by pulsing the 'A' bit.

This Bit Robbing is fine if the channels are used for voice because the 8-bit samples being reduced to 7 bits every six frames does not significantly impact on voice quality. Data is of course not so forgiving with the lowered quality line so each channel is reduced to 56kbps for data (in the US a type of ISDN called Switched Services uses bit-robbing technology that results in a 56kbps B-channel). The problem with using CAS is that these robbed bits are really only used when setting up and establishing a call; the rest of the time the bandwidth is wasted. The only messages used are Wink, Ringing, Hang up and Pulse Digit Dialing. The ESF operates in a similar manner to the SF other than bits are robbed from the 18th frame (C bits) and the 24th frame (D bits).

The main difference between channelized lines (analogue) and non-channelized lines (ISDN) is that they do not have a built-in D-channel. For example, all 24 channels on a T1 line only carry data. The signaling is in-band or associated to the data channels (Channel Associated Signaling (CAS)). Traditional channelized lines do not support digitized data calls (for example, BRI with 2B+D). Channelized lines support a variety of in-band signal types, such as ground start, loop start, wink start, immediate start, E&M and R2.

Common Channel Signaling (CCS)

T1 signaling can also take the form of CCS, which is normally Common Channel Signaling Number 7 (SS7) or Primary Rate ISDN where one channel (D-channel, channel 24) is used for Q.931 signaling. This is called Out-of-band Signaling since the signaling is in a channel that is separate from the voice channels. This speeds up call setup by up to a factor of 5, to 1-3 seconds. One signaling channel can handle up to 1500 calls. SS7 is a protocol in its own right, very akin to X.25, where switches exchange billing, switching and signaling information. With CCS, PRI does not operate Bit Robbing but takes one of the channels and uses that for signaling (D-channel) instead, leaving 23 channels for the data.

The line coding scheme used to allow both data and voice is usually based on a pseudo-ternary bipolar code called Bipolar with 8-Zeros Substitution (B8ZS). This is called Clear Channel. Another coding scheme called B7 exists for voice only applications and yet another called Alternate Mark Inversion (AMI) is commonly used.


Digital Voice Config Parameters

• Framing
  • SF
  • ESF
• Line Code
  • AMI
  • B8ZS
• Clock Source
  • Line
  • Internal
• Timeslots
  • Specify Channel Membership

You must create a digital voice port in the T1 or E1 controller to make the digital voice port available for specific voice port configuration parameters. You must also assign timeslots and signaling to the logical voice port. The first step is to create the T1 or E1 digital voice port with the ds0-group ds0-group-no timeslots timeslot-list type signal-type command. The following list describes the command syntax:

• The ds0-group command automatically creates a logical voice port that is numbered as slot/port: ds0-group-no.

• The ds0-group-no parameter identifies the DS0 group (number from 0 to 23 for T1 and from 0 to 30 for E1). This group number is used as part of the logical voice port-numbering scheme.

• The timeslots command allows the user to specify which timeslots are parts of the DS0 group.

• The timeslot-list parameter is a single timeslot number, a single range of numbers, or multiple ranges of numbers separated by commas.

• The type command defines the emulated analog signaling method that the router uses to connect to the PBX or PSTN. The type depends on whether the interface is T1 or E1.

• The signal-type parameter is the signaling type being used by all channels in the DS0 group. For example, the signaling type could be configured as e&m-wink-start, which would cause each channel in the DS0 group to use E&M wink-start signaling.


Controller T1 Configuration

1. router# configure terminal
2. router(config)# network-clock-participate wic 2 (slot #)
3. Router(config)# controller t1 0/2/0
4. Router(config-controller)# framing esf
5. Router(config-controller)# clock source line
6. Router(config-controller)# linecode b8zs
7. Router(config-controller)# ds0-group 1 timeslots 1-2 type e&m-wink-start dtmf dnis

(1) Assigns card-slot to network clock.
(2) Enters controller configuration mode.
(3) Sets the framing to Extended Superframe.
(4) Specifies that the controller receives clocking from the network.
(5) Sets the line coding to Bipolar 8 Zero Substitution.
(6) Defines a DS0 group, which contains the first 12 channels of the T1, and configures the signaling for those channels as E&M Wink Start signaling ISDN.


T-1 Dial Peers

[Figure: Router 1 (voice port 0/3/0:1, phone 6605198, Dial Peer 1) connected over a T-1 to Router 2 (phone 6607198), reached by Dial Peer 2.]

Router# config t
Router(config)# dial-peer voice 2 pots
Router(config-dial-peer)# destination-pattern 6605...
Router(config-dial-peer)# port 0/3/0:1
Router(config-dial-peer)# direct-inward-dial
Router(config-dial-peer)# no digit-strip
Router(config-dial-peer)# preference 2

Configuration for Dial-Peer 2 on Router 1


T-1 Dial Peer Lab 3

1. Connect at least one phone to FXS.
2. Connect routers via T-1.
3. Configure dial-peers for phones and trunking to distant end.

Due to the limited T-1 controller interfaces available, perform this lab in groups as class size permits.

1. Ensure that there is a dial-peer configured for POTS FXS for local dialing.
2. Configure the T-1 controller to synchronize with the distant end.
3. Configure no more than 6 timeslots per router.
4. Create a dial-peer to utilize the T-1 to connect and ring the distant end POTS line.


Troubleshooting Voice Ports

1. Check for dial tone (FXS only).
2. Check for DTMF tones (FXS only).
3. Use show voice port to check configuration.
4. Use show voice port to ensure port is enabled.
5. Be sure PBX configuration is compatible with voice port.
6. Check physical installation of hardware.

Show Commands - Voice Ports

Command – Description

show voice port – shows all voice port configurations in detail
show voice port x/y/z – shows one voice port configuration in detail
show voice port summary – shows all voice port configurations in brief
show voice dsp – shows all dsp status
show voice call status – shows all calls in progress


Cisco Call Manager Basic Configuration


Station Layout

LINE 1 – 6605001

LINE 2 – 6605003

LINE 1 – 6605002

LINE 2 – 6605004

The above layout will be the basic setup used throughout the Cisco voice course. There will be two phones, a router, a switch (or router with switchport module), and Call Manager (or Express) system per station.


Switching Components

• Line Connection
• Trunk Connection
• Switching
• Call Processing

The Switching Components listed above are basic components of any call processing agent i.e. Analog, Digital or IP Based Switching.


Legacy PBX Technology

Line Connection

Trunk Connection

Call Processing Switching

Traditional PBX

Digital/Analog Phones

A Private Branch Exchange (PBX) is a high-capacity telephone system owned privately by the company that uses it. It switches analog (or digitally converted analog) calls internally between telephones and switches calls to the Public Switched Telephone Network (PSTN). PBXs save money by letting a large group of people share a smaller number of trunks, circuits or lines.

PBXs are commonly modular or scalable. To add more lines or stations, you add more cards to the cabinet. Features are added via a software upgrade or by using an add-on PC that works as a server for the applications. Each cabinet has a backplane with slots into which expansion cards are inserted. Communication takes place over the backplane, which sends signals from the cards to and from the lines and extensions. PBXs use the PCM (Pulse Code Modulation) protocol to turn analog signals from CO lines into frequency signals that are sent in binary code over the backplane of the PBX.

Connections between a PBX and its full-featured executive station sets are commonly digital, necessitating the purchase of compatible phones from the dealer you are using. Digital communications to the telephone station give you improved signaling and phone control (fancy LCD displays, for instance), reduce ring-voltage requirements, and give you dial tone and signaling over just one pair of wires. Analog connections to the PBX are used for regular single line telephones, modems, fax machines and adjunct systems that require them, like voicemail and IVR. On the PBX’s telco side, connections to the public telephone network are made


through a variety of different cards and ports. Loop-start and ground-start analog trunk boards let you hook up standard analog Central Office (CO) trunks. ISDN BRI boards let you hook up ISDN Basic Rate circuits. T-1/PRI boards let you bring in 24-channel digital service.

Prior to the advent of Voice over IP (VoIP), a big part of the commercial and military telephony network was driven by primarily analog, circuit-switched technology. While the features were robust, they were limited to primarily voice-centric applications. The primary components of any telephony system consist of the following:

Call Processing – This is the primary function of any telephony system, the ability to receive, process and transmit signals from one device to another.

Switching – This mechanism allows the physical, circuit-based connections between lines that are part of the PBX system, whether they are loops or trunks.

Line Connections – These provide the access to subscribers using the PBX, as well as many of the features that the system can provide to those subscribers.

Trunk Connections – This portion of the PBX system provides offsite connectivity to either another PBX, voice mail system, or the PSTN network.


IP Telephony Technology

Line Connection

Trunk Connection

Call Processing Switching

The employment of IP Telephony PBX technology still utilizes the same basic systems as a traditional PBX system. Many of the individual systems however are offloaded onto one or more devices dedicated and suited to the task given. An example of this would be the necessity of a voice gateway router in the Call Manager network in order to provide connectivity to PSTN T-1, PRI, ISDN, or POTS connections. It is important to note that while many of the functions are offloaded onto one device or another, the Cisco Call Manager server or cluster provides a single, unifying location for all the services to converge and work together. This also allows for the easy implementation of additional features and services with little to no reconfiguration of the existing network.


IP Telephony

• CCM performs call setup and maintenance functions.
• IP Phones stream audio using RTP.

IP Phone Line 1

IP Phone Line 2

SCCP SCCP

Real-Time Transport Protocol (RTP)

Cisco’s Call Manager telephony system consists of a server platform to manage all aspects of device registration and signaling, as well as call setup, teardown, and any in-progress changes required. Along with the server, the devices used - whether telephone, gateway, or gatekeeper - work together to provide a robust set of calling features. These features not only include traditional PBX-style calling features, but also desktop to telephony integration, unified messaging, and video teleconferencing, among other things. The two protocols in use are:

SCCP – Skinny Call Control Protocol – Used primarily as the signaling method between a device and its registered call manager or between two call managers. Only used during device registration, call setup and call teardown.

RTP – Real-Time Transport Protocol – Used as the end-to-end transport mechanism for applications passing real-time data, such as audio or video. RTP allows for time stamping and packet sequencing to enable the devices to reassemble the packets in the correct order.
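The following is an added example, not part of the original course material, showing how a receiver uses the RTP sequence number and timestamp to put audio packets back in order. It goes beyond the text by using the RFC 3550 header layout and handling 16-bit sequence wraparound, duplicates and loss; the sample stream and the `build_rtp` and `demo` helpers are constructed for illustration.

```python
import struct
from typing import List, NamedTuple, Tuple

RTP_FIXED_HEADER = 12  # bytes before any CSRC identifiers (RFC 3550)
CODEC_BY_PAYLOAD_TYPE = {0: "G.711 mu-law", 8: "G.711 A-law", 18: "G.729"}


class RtpPacket(NamedTuple):
    payload_type: int
    sequence: int      # 16-bit counter, wraps from 65535 to 0
    timestamp: int     # sampling-clock ticks (8000 per second for these codecs)
    ssrc: int
    payload: bytes


def parse_rtp(datagram: bytes) -> RtpPacket:
    """Parse one RTP datagram, skipping CSRC entries, extension and padding."""
    if len(datagram) < RTP_FIXED_HEADER:
        raise ValueError("shorter than the RTP fixed header")
    b0, b1, seq, ts, ssrc = struct.unpack("!BBHII", datagram[:RTP_FIXED_HEADER])
    if b0 >> 6 != 2:
        raise ValueError("not RTP version 2")
    start = RTP_FIXED_HEADER + 4 * (b0 & 0x0F)       # skip the CSRC list
    if b0 & 0x10:                                     # header extension present
        if len(datagram) < start + 4:
            raise ValueError("truncated header extension")
        (ext_words,) = struct.unpack("!H", datagram[start + 2:start + 4])
        start += 4 + 4 * ext_words
    end = len(datagram)
    if start > end:
        raise ValueError("header runs past the end of the datagram")
    if b0 & 0x20:                                     # last byte holds pad length
        pad = datagram[-1]
        if pad == 0 or pad > end - start:
            raise ValueError("invalid padding length")
        end -= pad
    return RtpPacket(b1 & 0x7F, seq, ts, ssrc, datagram[start:end])


def reorder(packets: List[RtpPacket]) -> Tuple[List[RtpPacket], List[int]]:
    """Sort one stream into sending order; also return lost sequence numbers."""
    by_extended = {}
    extended = None
    for pkt in packets:
        if extended is None:
            extended = pkt.sequence
        else:
            # Signed 16-bit distance from the previous arrival handles wraparound.
            delta = (pkt.sequence - extended) & 0xFFFF
            extended += delta - 0x10000 if delta >= 0x8000 else delta
        by_extended.setdefault(extended, pkt)         # ignore duplicates
    keys = sorted(by_extended)
    lost = [n & 0xFFFF for a, b in zip(keys, keys[1:]) for n in range(a + 1, b)]
    return [by_extended[k] for k in keys], lost


def build_rtp(seq, ts, payload, payload_type=0, ssrc=0x1234ABCD):
    """Construct a minimal RTP datagram (no CSRC, extension or padding)."""
    return struct.pack("!BBHII", 0x80, payload_type, seq & 0xFFFF, ts, ssrc) + payload


def demo():
    # Constructed sample: G.711 at 20 ms per packet advances the timestamp by 160.
    sent = [build_rtp(65534 + i, 48000 + 160 * i, bytes([i]) * 160) for i in range(5)]
    # Arrival order: reordered, one duplicate, and the fourth packet never arrives.
    arrived = [sent[0], sent[2], sent[1], sent[2], sent[4]]
    return reorder([parse_rtp(d) for d in arrived])


if __name__ == "__main__":
    ordered, lost = demo()
    for p in ordered:
        print(p.sequence, p.timestamp, CODEC_BY_PAYLOAD_TYPE.get(p.payload_type))
    print("lost:", lost)
```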


SQL Cluster Relationship

Publisher

Subscriber Subscriber

• Microsoft SQL Db relationship defines the cluster.

• Cluster has one publisher server and up to eight subscribers.

• One db on the publisher replicates to subscribers.

The backend database for the Cisco Call Manager services and systems is the Microsoft SQL Server database. All Cisco Call Managers, regardless of their specific role within the cluster, have SQL server up and running, and a matching copy of the cluster’s database. Every device, trunk, and route is written to the SQL publisher database and propagated on to the subscriber servers, if any. Once a single Subscriber is added, up to the maximum of eight Subscribers, the Call Manager system is normally referred to as a cluster. Generally, a traditional PBX system is required to have a 99.9% uptime or better. For the IP telephony system to be able to meet the same requirement generally requires that two or more Call Managers work together in a clustered environment, depending on system load. A single CCM running version 3.3 or newer on a MCS-7835 server platform can support up to 2500 devices with minimal performance drop. The problem is that if the single server fails or if IP connectivity is lost, all telephony services are down until the failure is restored. By clustering two or more CCMs together, you gain the benefit of better performance, additional device support and most critically, a single point of failure in the telephony network is eliminated. If the Publisher either fails or loses connectivity, the other servers perform a record lock, such that no new writes can be performed on the database. This still allows the existing network to continue to run as-is with no changes allowed during the period of fail-over. The exception to this record lock is the Call Detail Report (CDR) database, which every server, Publisher or Subscriber, can write to during periods of failure. Once connectivity to the Publisher is restored, the CDR data is written back to the primary database, and then synchronized to all other servers in the network.


CCM to SQL Relationship

Publisher CCM Back-up to Subscriber CCM

Primary Subscriber CCM

Publisher SQL database

Subscriber SQL database

Registers

Writes

While SQL server is the driving engine behind CCM data, the Call Manager server itself runs the actual runtime signal and control processes. Run-time data is shared with all of the members of the cluster and ensures the optimum routing of calls between members of the cluster and the associated gateways. When a device (such as a Cisco IP Phone) registers with its primary Cisco CCM server, the primary updates all of the other CCM servers in the cluster. After registration, the device sends a TCP keepalive message to the primary server every 30 seconds and sends a TCP connect message to its secondary CCM server. When the Cisco IP Phone detects the failure of its TCP keepalive message with the primary CCM server, the device attempts to register with its secondary CCM server. The secondary Call Manager server accepts the registration from the device and announces the new registration (through intracluster run-time communication) to all of the CCM servers in the cluster. The device initiates a TCP keepalive message to the secondary CCM server (the new primary of the device) and sends a TCP connect message to a tertiary CCM server (if configured).


CCM 1:1 Redundancy

Publisher and Backup Subscriber

Primary Call Manager

Within the WIN-T Inc 1 and legacy JNN network, there is currently only a single Call Manager server installed for each security enclave at any given location. This means that currently there is a single point of failure at every JNN site. The most likely scenario for redundancy involves the addition of a single additional CCM added to any established security enclave at a Call Manager site. Given the latency inherent to the satellite backbone, it is unlikely that clustering will be implemented between JNN locations, nor does it fit into the current dial plan for the Army GIG network. To install an additional Call Manager server to an existing single Call Manager network requires little more than selecting a button during installation that asks whether the call manager is being added to an existing Call Manager network or not. Once an additional Call Manager is added to the network, it is important to note that there are two different roles applied to those servers. The newly installed Subscriber takes on the role of primary registration point for every device in the network. The existing Publisher server is relegated to the backup registration point for all devices. If the Publisher fails, the devices continue to operate with the Subscriber, but no new devices may be added. If the subscriber fails, the keepalive from the device to the primary (Subscriber) will fail, and the device will shift keepalives and call control over to the backup registration (Publisher) server.


VOIP Deployment

Division 2

Division 1

Separates

Regional Hub

UEx

BCT1 BCTn

BCT1 BCT2 BCTn

CPN CPN CPN

CPN CPN CPN

Currently the WIN-T voice network rides over VoIP, with satellite as the primary transport medium. At the Regional Hub Node, the current architecture calls for 4 CCM sites per security domain - one for local site telephony and one per divisional enclave. Trunking between them requires the traffic to pass through various firewalls and IA sensors. There is no difference functionally between the CCMs located at the RHN, JNN at the UEx or any of the BCTs. Call routing from one BCT to another, whether part of a division or a separate BCT, utilizes the route table at the RHN CCM for that enclave to resolve.


CCM Installation Base

Hardware Platform
• MCS-7835
• Or Cisco approved platform.

Current Software Base
• Windows 2000 Server SP4

Cisco Update 2000.2.sr4
• SQL Server 2000 sp3a
• DC-Directory
• CCM 4.1(3)

All above is included with the software package.

Cisco Call Manager is installed on Cisco-certified chassis, known as “Media Convergence Servers” (MCS). The Hub Nodes (both Tactical and Regional) utilize the MCS-7835, a 2U rack mountable server. At the current Call Manager version level, the installed OS is Windows 2000 Server SP4. The version of SQL Server is 2000 SP3a. As of the latest spiral, Cisco Call Manager’s version is 4.1(3). It is important to note that any updates required for the Microsoft OS or SQL Server should not be taken from the Microsoft website. All updates are tested by Cisco and then packaged on their website for download and installation. Installing an update via Microsoft’s automatic update can cause conflicts with the Call Manager, requiring reinstallation to resolve.


Installation Best Practices

• Change Passwords
  • During upgrades, password resets to default.
  • Change passwords on all servers in a cluster.

• Add SNMP Community Strings
  • SNMP community strings are used by Net Management Software. (Net MRI)

• Stop unnecessary services
  • Publisher and subscribers
    • DHCP client, fax service, FTP Publishing service, Smartcard, Smartcard helper, Alert Service, computer browser, distributed file system, License Logging, Microsoft NetMeeting Remote Desktop Sharing.
  • Subscribers
    • IIS Admin Service, WWW Publishing Service
    • Internet Authentication service (IAS).

It is important to keep all passwords secure and changed periodically if used regularly. There are some passwords used for Cisco Call Manager that are for disaster recovery purposes such as Directory Server, and Database Administrator passwords. The services listed are not needed for Cisco Call Manager to operate and may actually cause some unnecessary security holes if left running. CCM servers that are running as a Subscriber server don’t need to have web services enabled because all web presentation and access for the cluster are homed on the Publisher server.
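One way to check a server against the service list above, given as an added example that is not part of the original course material. It parses `net start` output and reports which running services the slide says to stop for the server's role; the Windows 2000 display-name aliases and the sample output are assumptions constructed for illustration.

```python
import re

# Slide wording -> Windows 2000 display names assumed for matching. The aliases
# are this example's assumption; confirm them against the server's service list.
STOP_ON_ALL_SERVERS = {
    "DHCP client": ["DHCP Client"],
    "fax service": ["Fax Service"],
    "FTP Publishing service": ["FTP Publishing Service"],
    "Smartcard": ["Smart Card"],
    "Smartcard helper": ["Smart Card Helper"],
    "Alert Service": ["Alerter"],
    "computer browser": ["Computer Browser"],
    "distributed file system": ["Distributed File System"],
    "License Logging": ["License Logging Service"],
    "Microsoft NetMeeting Remote Desktop Sharing": ["NetMeeting Remote Desktop Sharing"],
}
STOP_ON_SUBSCRIBERS_ONLY = {
    "IIS Admin Service": ["IIS Admin Service"],
    "WWW Publishing Service": ["World Wide Web Publishing Service"],
    "Internet Authentication service (IAS)": ["Internet Authentication Service"],
}

# Constructed sample of `net start` output, not captured from a real server.
SAMPLE_NET_START = """These Windows 2000 services are started:

   Alerter
   Cisco CallManager
   Computer Browser
   DHCP Client
   Event Log
   IIS Admin Service
   MSSQLSERVER
   World Wide Web Publishing Service

The command completed successfully.
"""


def _key(name):
    """Normalize a service name so case, spacing and punctuation do not matter."""
    return re.sub(r"[^a-z0-9]", "", name.lower())


def parse_net_start(output):
    """Extract service display names from `net start` output (the indented lines)."""
    return [line.strip() for line in output.splitlines()
            if line[:1].isspace() and line.strip()]


def services_to_stop(role, running):
    """Return the slide's names for running services this role should not run."""
    if role not in ("publisher", "subscriber"):
        raise ValueError("role must be 'publisher' or 'subscriber'")
    wanted = dict(STOP_ON_ALL_SERVERS)
    if role == "subscriber":
        # Web services stay on the Publisher: all web administration is homed there.
        wanted.update(STOP_ON_SUBSCRIBERS_ONLY)
    active = {_key(name) for name in running}
    return [slide_name for slide_name, aliases in wanted.items()
            if active & {_key(slide_name), *map(_key, aliases)}]


if __name__ == "__main__":
    running = parse_net_start(SAMPLE_NET_START)
    for role in ("publisher", "subscriber"):
        print(role, "->", services_to_stop(role, running))
```

The same running list produces a longer finding for a Subscriber than for the Publisher, because the web services are only flagged where the page says they are not needed.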


Configuration Steps For VMware

1. Set a static IP address for Windows 2000 Server and ping VLAN 58.

2. Assign Static IP addresses for devices or configure DHCP. Set option 150 and verify devices have an IP address.

3. Login to Call Manager Administration.

4. Configure System>Server.

5. Configure System>Cisco Call Manager.

6. Change all HTTP references with a hostname to the server IP address under System>Enterprise Parameters.

7. Set CDR and CMR Parameters in Service>Service Parameters.

8. Activate Services in Application>Cisco Call Manager Serviceability>Tools>Service Activation.

9. Start Services under Application>Cisco Call Manager Serviceability>Tools>Control Center.

10. Reboot Windows 2000 Server.

Above are the basic steps for setting up a Call Manager server for local dialing.

1. The Windows platform that you will run Call Manager from needs an IP address. Giving it a static address is good practice because it will always maintain the same IP address. This makes it easier to locate your server in the overall topology and is essential for network management tools.

2. The IP address can be set either manually (static) or automatically (DHCP). When configuring DHCP, option 150 must be set pointing to the server.

3. Log in to Call Manager by clicking on the HTML icon called Call Manager Administration and entering user name and password.

4. The System>Server screen is used for setting the IP address of the Call Manager server (same as the IP address for Win 2000).

5. The System>Cisco Call Manager screen is used to name the Call Manager server and to set up auto-registration for the phones.

6. The System>Enterprise Parameters screen is used to modify base configuration settings for the server. Use CAUTION when changing values on this screen as you can cause Call Manager to malfunction.


7. The Service>Service Parameters screen is where you can modify parameters for Call Manager services. Use caution when changing these parameters.

8. The Service Activation screen is used to activate or deactivate Call Manager services, NOT to start or stop them.

9. The Control Center is where you can start, stop, or restart individual Call Manager services.

10. Reboot the Windows 2000 server by clicking Start>Shut Down>Restart.


DHCP (1)

NOTE: For any windows not mentioned in the following steps, leave the values at default and click Next.

1. Go to Call Manager, Start> Programs> Administrative Tools> DHCP.

2. Right click on CCM-Server and select “New Scope”.

3. Name the Scope “CCM”.

4. Enter the range of IP addresses you want to give out, including the subnet mask.

5. Select “yes, I want to configure these options now” and click next.

6. Enter the IP address of your VLAN 58’s default gateway and click add and then next.

7. Select “no, I don’t want to activate this scope now” and click next.


DHCP (2)

8. Right click on CCM-Server again and choose “Set Predefined Options”.

9. Click “Add”.

10. Name will be “Option 150”, Data type will be “IP Address”, Code will be “150”.

11. Click OK.

12. Enter the IP address of your Call Manager and click OK.


DHCP (3)

13. Highlight Scope Options, then right click and choose “Configure Options…”. Scroll to the bottom, check Option 150, click Apply and then OK.

14. Right click on Scope and select “Activate”.


Cisco Admin Screen (1)

Cisco Admin Screen (2)


CCM Database Queries

• When you open a dialog box using Cisco Call Manager, the search list will normally be empty because there is “No active query…”

• Leave the Search box empty and click “Find”.

• The system will query the database and return the values from the database.

Cisco Call Manager, as stated before, is a SQL Server back-ended application using a web interface for administration. Because of the way SQL runs its queries, when a menu is selected from the administration screen for the first time, the results field will often show the message “No active query. Please enter your search criteria using the options above.” Because of the relatively small size (> 100 devices) of military tactical call manager networks, a blank search field returns a manageable list to view and no search term is required. It is important to realize the difference between the messages “No active query…” and “No results found…”. The first means that no search has been run, and the second means that a search has run but there are no records to be found.


System > Server Configuration

1. Click Server Name.

2. Change Host Name to IP Address.

3. Click Update.

Upon initialization of a Cisco Call Manager server - whether from an image, a clean installation, or a change of the IP address – you must ensure that the proper host name or IP address is entered in the System > Server field. The recommendation for the tactical network is that the IP address be used, so that there is no reliance on DNS services for the IP phone network to work.


System > Cisco CallManager


System>Cisco Call Manager

1. Click Server Name

2. Change Call Manager Name and Description

3. Set Directory Starting and Ending Number

4. De-select “Auto-registration Disabled on this Cisco Call Manager”

5. Click Update

There are two areas that are normally modified during CCM initialization in the System > Cisco Call Manager screen. The first is the “Cisco Call Manager Name”. The WIN-T network standard is to change this name to match the IP address of the Call Manager, however it is in fact simply a text field and can be left to the default of “CM_<CMHostName>” (i.e. CM_it4-ccm). The next area is the “Auto-Registration Information” block. If it is decided to allow auto-registration of devices in the CCM network, then the checkbox of “Auto-registration disabled” must be UNCHECKED, which is normally checked (and thus auto-reg is disabled) by default. A range of phone numbers to be given out for auto-registration must also be entered and then the screen should be updated. If auto-registration needs to be turned off later, then simply return to this screen and check the “Auto-registration disabled” box again and update.


System > Enterprise Parameters

http://it4-ccm-1/help

Replace only the HostName with an IP address

Modifying the URLs in Enterprise Parameters is part of removing DNS reliance. As long as the URLs contain a hostname, an operational DNS server is required for them to function. By changing the hostname to the server’s IP address, no DNS server is needed.

1. Go to “System” and select “Enterprise Parameters”.

2. Read the note below before modifying all fields containing only the “HTTP://” URL from Hostname to an IP Address.

3. Click “Update”.

NOTE: To change the CCM configuration and modify the Enterprise Parameters screen: Go to System > Enterprise Parameters screen and modify all HTTP://URL’s Hostname references and change the Host Name to an IP address. As an example, for the parameter “URL Help”, change the field from “http://it4-ccm/help” to “http://10.1.1.100/help”. After modifying all relevant URLs within the Enterprise Parameters Screen, click update to set the entries. For these new parameters to go out to phones that are already registered, you must also restart the Call Manager service.
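The hostname-to-IP change described in the note, as an added example that is not part of the original course material. It takes an export of parameter names and values and lists which URLs still depend on DNS, replacing only the host and keeping port, path and query; apart from “URL Help” and its value, the parameter names and values are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit, urlunsplit

# "URL Help" and its value come from the page's note; the other entries are
# constructed sample values for illustration.
SAMPLE_PARAMETERS = {
    "URL Help": "http://it4-ccm/help",
    "URL Directories": "http://IT4-CCM:8080/CCMCIP/xmldirectory.asp?lang=en",
    "URL Services": "http://10.1.1.100/CCMCIP/getservicesmenu.asp",
    "Cluster ID": "StandAloneCluster",
}


def _is_ip_literal(host):
    """True when the host part is already an IPv4 or IPv6 address."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def rewrite_host_to_ip(url, server_ip):
    """Return `url` with only its hostname replaced by `server_ip`.

    Returns None when nothing should change: the value is not an HTTP URL,
    or its host is already an IP address.
    """
    parts = urlsplit(url.strip())
    if parts.scheme.lower() != "http" or not parts.hostname:
        return None
    if _is_ip_literal(parts.hostname):
        return None
    ip = ipaddress.ip_address(server_ip)      # rejects a mistyped address
    host = f"[{ip}]" if ip.version == 6 else str(ip)
    netloc = host if parts.port is None else f"{host}:{parts.port}"
    return urlunsplit((parts.scheme, netloc, parts.path, parts.query, parts.fragment))


def dns_dependent_parameters(parameters, server_ip):
    """Map each parameter whose URL still needs DNS to its IP-based replacement."""
    changes = {}
    for name, value in parameters.items():
        new_value = rewrite_host_to_ip(value, server_ip)
        if new_value is not None:
            changes[name] = new_value
    return changes


if __name__ == "__main__":
    for name, new_value in dns_dependent_parameters(SAMPLE_PARAMETERS, "10.1.1.100").items():
        print(f"{name}: {SAMPLE_PARAMETERS[name]} -> {new_value}")
```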


Enabling CDR & CMR Records

• CCM Admin
  – Service > Service Parameters.
  – Select “Call Manager”.
  – Select Advanced.
  – Set “CDR Enabled Flag” to True.
  – Set “Call Diagnostics Enabled” to True.
  – Set “Log Zero Duration Calls” to True.
  – Update.

There are two types of records that can be stored and analyzed by the Call Manager’s CDR Analysis and Reporting system. Call detail records (CDR) detail the called number, the number that placed the call, the date and time that the call was started, the time that it connected, and the time that it ended. Call management records (CMRs or diagnostic records) detail the jitter, lost packets, the amount of data sent and received during the call, and latency. CDR data comprises CDRs and CMRs collectively. A single call can result in the generation of several CDRs and CMRs. Call Manager records information regarding each call in CDRs and CMRs. CDRs and CMRs, known collectively as CDR data, serve as the basic information source for Call Analysis and Reporting.


CCM Service Activation/Selection

• NT Service
  • Call Manager
  • Tftp
  • Messaging Interface
  • IP Voice Streaming Media App
  • CTI Manager
  • IP Telephony Call Dispatcher
  • MOH Audio Translator
  • RIS Data Collector
  • Database Layer Monitor
  • CDR Insert
  • Extended Functions
  • Serviceability Reporter

• Tomcat Web Service
  • Extension Mobility
  • IP Manager Assistant
  • WebDialer

• NT Service Cont.
  • CTL Provider
  • Certificate Authority Proxy Function

NOTE: Do not use Windows to manage these Call Manager services.

The following is a short description of each service available on a CCM server.

Call Manager – Allows the server to actively participate in telephone registration, call processing, and other CCM functions. This service runs as the core of the CCM server.

TFTP – Activates a TFTP server on CCM. The TFTP service delivers Cisco IP Phone configuration files, along with streamed media files, such as music on hold (MOH) and ring files.

Messaging Interface – Allows CCM to interface with a Simplified Message Desk Interface (SMDI) - compliant, external voice-mail system.

IP Voice Streaming Media App – Provides a software-based means for the Call Manager to provide conference bridging, music on hold and media termination points.

CTI Manager – Used for hunt groups, Computer Telephony Interfaces and the Attendant Console.

IP Telephony Call Dispatcher – Distributes calls to multiple telephone numbers (hunt groups). WebAttendant and Auto Attendant depend on Telephony Call Dispatcher (TCD).


MOH Audio Translator – Allows the server to convert MP3 or WAV audio files into the MOH format.

RIS Data Collector – Allows the server to write trace and alarm file information to a database or alert an SNMP server.

Database Layer Monitor – Monitors aspects of the Microsoft SQL 2000 database, as well as call detail records (CDRs).

CDR Insert – Allows CCM to write CDRs to the local database and replicates CDR files to the Microsoft SQL publisher at a configured interval.

Extended Functions – Provides support for some CCM features, including Cisco Call Back and Quality Report Tool (QRT).

Serviceability Reporter – Generates the following daily reports: Device Statistics, Server Statistics, Service Statistics, Call Activities, and Alert.

CTL Provider – Works with the Cisco Certificate Trust List (CTL) client to change the security mode for the cluster from non-secure to secure.

Certificate Authority Proxy Function – Manages all aspects of the certificate usage within the CCM network.

TOMCAT WEB SERVICES

Extension Mobility – Allows CCM to support extension mobility functions for roaming users.

IP Manager Assistant – Allows CCM to support the Cisco IP Manager Assistant (IPMA).

Web Dialer – Provides click-to-dial functionality by using a web page or a desktop application.


Call Manager Serviceability

From the CCM Administration screen, you can navigate to the CCM Serviceability Application. From Applications, select “Cisco Serviceability Application”. Serviceability serves as a point of management for CCM services. Most usages of this application stem from the Tools dropdown, using “Service Activation” and “Control Center”. Most of the other objects available from within the application are used for high level troubleshooting, monitoring, and management.


Tools > Service Activation

From Call Manager Serviceability choose Tools>Service Activation. To activate a service check the box to the left of the service and click update. The Service Activation tool activates services in automatic mode. It also checks for service dependencies based on a single-server configuration. When you click the “Set Default” button, the Service Activation tool chooses the services that are required to run Cisco Call Manager based on a single-server configuration. For example, if you choose one service, you will be prompted to choose whether you want all the other services that depend on that service to run Cisco Call Manager based on a single-server configuration. The following services are not required in the WIN-T Network at this time:

• Telephony Call Dispatcher
• Cisco Extended Functions
• Dialed Number Analyzer
• Cisco Extension Mobility
• IP Manager Assistant
• WebDialer


Service is running correctly.

Service is not running correctly or is not activated.

Tools > Control Center

From Call Manager Serviceability choose Tools>Control Center. Start all stopped services that are activated. To start, stop, or restart a service, click the circle for the service that you want to manipulate and click Start, Stop, or Restart.

NOTE: In the Service Status column, the square symbol denotes that a service has stopped or that there is a problem with that service. You must start or restart the services with a square in the Status column to use them. The right angle triangle denotes that the service is running properly.


Call Manager Basic Configuration Lab

1. Set a static IP address on Windows 2000.

2. Enable DHCP on Windows 2000.

3. Configure Call Manager for Local Dialing.


Cisco Call Manager Basic Features


Cisco IP Phone Overview

• Audio codecs:
  • Potentially able to compress audio signals

• Cisco IP Phones support:
  • G.711: 64 kbps
  • G.729: 9.6 kbps

• Cisco IP Phone features
  • Display Based
  • User customization
  • Inline power
  • Support G711 and G729

Cisco IP phones have some common features.

• Visual display capable
• Customizable by the end-user, if permissions are granted
• Capable of using A/C power supply or using 802.1af inline power
• Support for the G.711 and G.729 voice codecs.
• The default for the Cisco Call Manager system is G711, but when running it requires upwards of 70kbps of bandwidth. This does not include any sort of packet overhead, which can put it closer to 90 kbps. Coupled with the TDMA tunneled network as a transport mechanism, the G711 codec can require almost 256kbps of satellite resources to complete a call. Here’s the breakdown –

• Each channel on the satellite is unidirectional and is 64kbps.
• With tunneling consuming 20% of the overhead, the single direction of the call will be less than 128kbps, but more than a single 64 kbps satellite channel can handle.
• With the call requiring 128kbps in each direction (2x64=128kbps), the total satellite resource consumption will be 256kbps.
• Using the G729 codec, the call, overhead for the voice packets, and overhead for tunneling, will be at less than 64kbps, cutting the satellite resource requirement in half.

Common IP Phones in JNN

• 7940, 7940G

• 7960, 7960G, 7965

• 7905

The phones currently used in the WIN-T and legacy JNN network are the 7940G series of phones. However, all of the above listed phones have been used in the WIN-T network at some point and will continue to be used as units maintain them in stock.

7905 – A single line phone that connects via a 10baseT connection. It is an older phone and may no longer be supported in future updates to the CCM software.

7910 – A lower end phone commonly used in general-use areas where advanced features are not a requirement. The +SW version of the phone includes a 100MB connection, which allows a PC/laptop to be connected off the backend, requiring only a single Cat5 line to be run to the area. Has programmable softkeys and a two-line LCD display.

7940(G) & 7960(G) – The 7940 & 7960 IP phones, along with their global (G model) variants, are executive level telephones that provide advanced features to the user. The 7940 provides two line capabilities, while the 7960 provides up to six. In addition to the calling features, both support XML services that can allow directory information, as well as stock info, weather, and just about any other interactive information that can be programmed via XML.

Additional VoIP Devices

• Vantage

• IP Soft phone

• ATA-186/8

• VG-224/248

There are some additional IP telephony devices that are found in the WIN-T network, including the VG-248, ATA-186/188, IP softphones, and the Vantage Gatekeeper switch.

VG-224/248 – Based on the model, provides 24 or 48 analog FXS ports to be connected to the CCM server via an H.323 gateway. They allow simple analog phones to be connected that can take advantage of many of the advanced calling features that the IP phones can use. These also provide a place for analog fax machines to hook into the VoIP network.

ATA 186/188 – These models of Analog Telephone Adapter are a smaller version of the VG-224/248s in that they provide for the connection of two analog (FXS) lines to the IP network.

IP Softphone – The Cisco IP Softphone is a software application that can be installed on any PC and provide almost all of the same calling features of the 7940 or 7960 models of IP phones.

Vantage – The Vantage is a software package running on an industrial PC chassis that provides Gatekeeper functionality for the CCM server, connections into the legacy MSE network, and converts H.323 to MSE TRITAC signaling.

Phone Registration Process

• Inline power-capable switch sends FLP.
• Switch provides VLAN information to IP Phone.
• Phone sends DHCP request; receives IP information and TFTP server address.
• IP Phone gets configuration from TFTP server.
• IP Phone registers with CCM server.

[Figure labels: RTP, SCCP]

Before an IP phone can start working, it must first power up and register with a Call Manager or Cluster. It goes through the following steps:

• Power Up – Either an external AC adapter or a PoE capable switch provides -48 DC power to the phone.

• IP Configuration – The phone looks for manual IP settings, if set, or DHCP if not. It also checks to see if the connected switch is CDP-enabled and providing a voice VLAN. If so, it configures itself to utilize that VLAN; if not, it uses untagged packets.

• Phone configuration – Upon gaining the use of IP communications, the phone contacts the TFTP server, typically the Call Manager, and requests a configuration file. If the Call Manager already has a configuration file built for that particular phone (identified by MAC address), it sends that one down to the phone. If not, it sends the default configuration template based on the model of phone. After the phone receives a default template, it sends back its customized configuration file to the CCM.

• Firmware verification – The phone now verifies that it is running a version of phone firmware at or newer than the version available on the Call Manager. If it needs revision, the firmware is downloaded via TFTP and the phone upgrades and reboots.

Device Registration Options

• Auto Registration with live numbers.

• Auto Registration with dummy numbers.

• Manual Registration of MAC to Directory number.

There are several methods in practice for the registration of devices on a Call Manager network.

Auto Registration with live numbers – This is administratively the simplest method of registering devices. If a DHCP pool is enabled and this option is used, a user simply plugs in the phone and the device will be up and available immediately. A drawback to this method is that an unauthorized user could potentially gain access to your network and make calls appearing to be a legitimate part of your network. Another problem is that if your directory is pre-established, this method would be unrealistic to employ.

Manual Registration of MAC to Directory Number – This has the most administrative cost associated, in that the Call Manager administrator must know which phone, by MAC address, will be associated with which directory number so that the entries can be made in the device screen.

Auto Registration with dummy or temporary numbers – This method has been widely employed, especially in distributed environments. It uses a block of numbers that are usually four digits in length for auto-registration. This allows a user to have their phone self-register and gives them the capability of contacting the help desk, but nothing offsite until a valid seven-digit number is assigned.

Phone Management

1. Select Device > Phone.
2. Click Find.
3. All registered phones are displayed.

Any administration of phones, whether adding, deleting or modifying, begins with the screen above. As stated earlier, a search must first be run using the “Find” button to list all the devices currently in the configuration database. Note that this does not mean the devices are currently registered with the server, only that the device (by MAC address) is associated with a model type and at least one directory number.

When administering devices, it is helpful to note that if the phone was auto-registered and no further administrative actions have been taken, the description field will include the word “Auto”. If a device is currently registered, the status field will show the IP address of the Call Manager server it is associated with. If the device is entered into the configuration database, but not currently associated, the status field will show “unregistered”. It is important to note that there may be times that the device will show unregistered even though it is up and running with no issues. It is simply a reflection of what the database currently has entered for that particular device.

From this screen, you can reset or restart the device, or you may do so from the device configuration screen. You may also select multiple devices to delete from this screen.
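The drawback of auto-registration noted earlier (an unauthorized phone that appears to be a legitimate part of the network) can be checked for with the “Auto” marker in the description field. The following is an added example, not part of the course material or of Call Manager: the CSV layout, its column names, the inventory set and all sample rows are constructed assumptions.

```python
import csv
import io
import re

# Constructed sample of a phone list. The CSV layout and column names are
# assumptions for this example; they are not a Call Manager export format.
PHONE_LIST = """mac,description,directory_number,status
0011BBD4389A,Help desk,6605201,192.0.2.10
00-11-bb-d4-3b-20,Auto 1001,1001,192.0.2.10
00:AA:BB:CC:00:01,Auto 6605277,6605277,192.0.2.10
00AABBCC0002,Auto 1002,1002,unregistered
"""

# Constructed inventory of the MAC addresses of phones the unit holds.
AUTHORIZED_MACS = {"0011BBD4389A", "0011BBD43B20"}


def normalize_mac(text):
    """Return a MAC as 12 uppercase hex digits, or raise ValueError."""
    mac = re.sub(r"[:.\-\s]", "", text).upper()
    if not re.fullmatch(r"[0-9A-F]{12}", mac):
        raise ValueError(f"not a MAC address: {text!r}")
    return mac


def audit(phone_csv, authorized_macs, live_dn_length=7):
    """Return (mac, finding) pairs for devices that need an administrator's eye.

    unknown-mac: the device is in the database but not in the inventory.
    auto-registered-with-live-number: still marked "Auto" and already holding
        a full-length directory number, so nobody has reviewed it.
    auto-registered-awaiting-number: still marked "Auto" with a short
        temporary number; it needs a valid number assigned or removal.
    """
    findings = []
    for row in csv.DictReader(io.StringIO(phone_csv)):
        mac = normalize_mac(row["mac"])
        dn = row["directory_number"].strip()
        auto = re.search(r"\bauto\b", row["description"], re.IGNORECASE)
        if mac not in authorized_macs:
            findings.append((mac, "unknown-mac"))
        if auto and len(dn) >= live_dn_length:
            findings.append((mac, "auto-registered-with-live-number"))
        elif auto:
            findings.append((mac, "auto-registered-awaiting-number"))
    return findings


if __name__ == "__main__":
    for mac, finding in audit(PHONE_LIST, AUTHORIZED_MACS):
        print(f"{mac}  {finding}")
```

A device that is both unknown and auto-registered with a full-length number is the case the drawback describes; the status column is not used because, as noted above, it only reflects what the database currently holds.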

Device Reset

• Click Reset Phone > Restart (Or Reset).

There are times upon modifying or adding something in Call Manager that a device must be reset or restarted in order for the changes to take effect. At any time, you can restart or reset a device by clicking the Reset button in the device window or by clicking the Reset icon in the Find and List window that is associated with the device, if available. You can restart a device without shutting it down by clicking the Restart button. You can shut down a device and bring it back up again by clicking the Reset button. If you want to return to the previous window without resetting or restarting the device, click Close. NOTE: Restarting or resetting a gateway or trunk drops any calls in progress that are using that gateway or trunk. Other devices wait until calls complete before restarting or resetting.

Phone Configuration

1. On Find and List Phones > Select Device Name.
2. The Phone Configuration Dialog Box displays with Line One configured.
3. Select Line 2.

This is the screen used to add or modify phone devices. The minimum information required when adding a phone manually is the device type, MAC address, device pool, and phone button template. After the device has been inserted, it will prompt whether you would like to add a directory number at that time. There are a number of different options that can be configured from within this screen, and they are well documented by the CCM help file. To access the help file, choose Help from the menu and choose “For this page” for information on additional configuration options for this device.

Directory Number Configuration

1. Directory Number configuration Dialog Box Opens.
2. At a minimum, assign a phone number to the line.
3. Click “Add” and “OK”.
4. Phone Configuration Dialog Box displays.

Directory numbers associate with devices such as phones, route points, CTI ports, and H.323 clients. Use the Directory Number Configuration window to add, update, and remove directory numbers from a device, route point, or port. You can configure up to 200 calls for a line on a device in a cluster, with the limiting factor being the device. Cisco IP Phones that support the multi-call display (such as a Cisco IP Phone 7960) support up to 200 calls per DN and 2 calls per DN for non-multicall display devices (such as Cisco IP Phone 7905). You must add a Cisco IP Phone to Cisco CallManager before adding a directory number. Directory numbers require a device to associate with upon their creation.

Phone Button Template (1)

1. Open “Device > Settings > Phone Button Template”.
2. Scroll down and select “Standard 7960”.
3. Select “Copy”.

Cisco Call Manager includes several default phone button templates. When adding phones, you can assign one of these templates to the phones or create a new template. The primary usage of these templates is to change the mix of lines and speed dials available to certain phone types, especially the 7940 and above models. To create a template, you must make a copy of an existing template and assign the template a unique name. You can make changes to the custom templates that you created, and you can change the labels of the default phone button templates. You cannot change the function of the buttons in the default templates. You can rename existing templates and modify them to create new ones, update custom templates to add or remove features, lines, or speed dials, and delete custom templates that are no longer being used. When you update a template, the change affects all phones that use the template. Renaming a template does not affect the phones that use that template. All Cisco IP Phones that use this template continue to use this template after it is renamed.

Phone Button Template (2)

1. Change the Button Template Name to identify the new template.

2. Select the “Feature” option drop down and select “Line”

3. Select Label on the New line and enter “Line n”

The main features that are selected for the 7960 phone are “Line” and “Speed Dial”. There are, however, several more features available. The descriptions for each type are available by accessing the help file for this page. This is reachable from the Help menu on the main toolbar. To select a feature, simply choose one from the dropdown list. Note that the first button is not configurable, as at least one button must remain a “Line” button.

7960 – The default Cisco IP Phone 7960 template uses buttons 1 and 2 for lines and assigns buttons 3 through 34 as speed dials or lines or for the features privacy and service URL. Access other phone features, such as abbreviated dial, call park, call forward, redial, hold, resume, call back, conferencing, and so on, by using softkeys on the Cisco IP Phone 7960.

7940 – The Cisco IP Phone 7940 comes with a preconfigured one-line phone button template (button 1 for line 1 and button 2 for speed dial). Access phone features, such as abbreviated dial, call park, call forward, redial, hold, resume, call back, conferencing, and so on, by using softkeys on the Cisco IP Phone 7940.

7910 – The default phone button template for the Cisco IP Phone 7910 uses button 1 for message waiting, button 2 for conference, button 3 for forwarding, buttons 4 and 5 for speed dial, and button 6 for redial. The Cisco IP Phone 7910 includes fixed buttons for Line, Hold, Transfer, and Settings.

Phone Button Template (3)

Apply the new template to the phone under Device>Phone.

Call Fwd Options

• CCM Administrator can forward calls for selected directory numbers.

• The No Answer duration time (seconds) must be set for the No Answer option. 3 seconds equals one ring.

Call forward allows a user to configure a Cisco IP Phone so that all calls that are destined for it ring another phone. Three types of call forward exist:

• Call forward all - Forwards all calls.
• Call forward busy - Forwards calls only when the line is in use and the busy trigger setting is reached.
• Call forward no answer - Forwards calls when the phone is not answered after the configured no answer ring duration.

The call forward busy trigger is configured for each line appearance in a cluster and cannot exceed the maximum number of calls that are configured for a line appearance. The call forward busy trigger determines how many active calls there are on a line before the call forward busy setting is activated.

The call forward no answer ring duration is configured for each line appearance in a cluster, and the default specifies 12 seconds. The call forward no answer ring duration determines how long a phone rings before the call forward no answer setting is activated.

Adding Speed Dial Numbers

1. Under Device>Phone choose a phone and click “Add/Update Speed Dials”.
2. At this point, you can enter speed dial numbers with labels.
3. The number of speed dials depends on what phone button template is being used. Any extra speed dials fall under “Speed Dial Settings not associated with a button”; these have to be accessed by the user using expansion modules.

Caller ID Update

Select Device > Phone {Find}

1. Select a Phone.
2. Select a Line.
3. Scroll Down to Line Settings.
– Display
– Line Text
– External Phone

Display (Internal Caller Id) - Leave this field blank to have the system display the extension. Use a maximum of 30 alphanumeric characters. Typically, use the user name or the directory number. Setting applies only to the current device unless you check the check box at right and click the Propagate selected button.

Line Text Label - Use this field only if you do not want the directory number to show on the line appearance. Enter text that identifies this directory number for a line/phone combination. Setting applies only to the current device unless you check the check box at right and click the Propagate selected button.

External Phone Number Mask - Indicate phone number (or mask) that is used to send Caller ID information when a call is placed from this line to outside of your IP Network.

ATA Configuration

How to determine the MAC address for ATA Phone 2:

0011BBD4389A (Phone 1’s MAC) minus the first two digits plus “01” at the end = 11BBD4389A01 (Phone 2’s MAC)

The ATA 188 can be registered manually or automatically. In this class, we will use manual registration to give you an understanding of how the MAC address has to be manipulated. This has to be done because Call Manager registers phones by MAC address. Since POTS phones do not have MAC addresses, we have to give the ATA a second MAC address (one for each POTS phone) by manipulating the MAC address of the ATA.

1. Go to Device>Phone>Add new Phone
2. Choose ATA 186 as the type
3. Enter the MAC address found on the bottom of the ATA (this will be used for the POTS phone plugged into line 1). Enter “ATA (Phone number)” under description, and set the device pool to default.
4. Click Insert. At this time, Call Manager will ask if you want to add a directory number to this device. Choose yes and add the directory number.
5. For adding the second phone (the POTS phone plugged into line 2 of the ATA) to Call Manager, repeat the above steps. When you get to step 3, enter the same MAC address as before but delete the first two digits and add “01” to the end.

IP Phone Calling Features

1. Use of the Hold/Resume Button:
– While in a call, press the hold button to place call on hold.
– While the call is on hold, press the resume button to take the call out of hold.
2. While in call, press the Transfer button to transfer the call to a desired directory number.
3. Press Settings button on the Phone, select Ring Type.
– Select once to view assigned ring tones.
– Select line to see the assigned ring tone.
– Select a second time to select a new ring tone.

Cisco Call Manager enables you to configure the following phone features on Cisco IP Phones: barge, privacy release, call back, call waiting, call forward, call park, call pickup, immediate divert, malicious call identification, quality report tool, service URL, and speed dial and abbreviated dial.

Hold/Resume – While a call is in progress, it may be necessary to put the caller on hold. This is done by simply pressing the “Hold” softkey. To pick the call back up, simply ensure that the call is selected in the display field and press the “Resume” softkey. This button is also activated during conferencing and transferring activities, to allow for reconnection of the caller.

Transfer – Both blind and consultative will be explained in a later slide.

Ring Type/Tone – The user may adjust ring tone, types, and volume via the phone device itself. The Cisco IP Phone ships with two default ring types that are implemented in hardware: Chirp1 and Chirp2. Cisco CallManager also provides a default set of additional phone ring sounds that are implemented in software as pulse code modulation (PCM) files. The PCM files, along with an XML file (named RingList.xml) that describes the ring list options that are available at your site, exist in the TFTP directory on each Cisco CallManager server.

Region and CODECs

• Start by creating a Region to use for the Trunk.
• Select Menu – “System > Region > Add a new Region”.
• Region Name > WAN Region (for Example).
• Default Codec > select G.729 from drop-down list and click Insert.

A Region is created to define a specific Codec to be used on specific devices such as Phones, Trunks, and Gateways; a Region can then be added to the Device or Device Pool. Example: All Inter-Cluster Trunks can be placed in one Region containing the G729 Codec and all Devices local to your CCM can be placed in the Default Region containing the G711 Codec. Specifying the G729 Codec on Inter-Cluster Trunks can decrease bandwidth usage where transmission assets have limited bandwidth.

Device Pool

1. Select Menu System > Device Pool > Add a new Device Pool

Required Fields:
• Device Pool Name
• Cisco Call Manager Group
• Date/Time Group
• Region
• Softkey Template
• SRST Reference

2. Click Insert.

Use regions to specify the voice codec used for calls within a region and between existing regions. The voice codec determines the type of compression and the maximum amount of bandwidth that is used per call. The default voice codec for all calls through Cisco CallManager is G.711. If you do not plan to use any other voice codec, you do not need to use regions. The Army tactical network is currently using the G.711 codec, running at a minimum rate of 64kbps for trunking. As the network begins to migrate from G.711 to more efficient codecs, the region configuration will be needed to set additional codecs.

Device pools are used to set common characteristics for devices. These are used for phones, gateways, gatekeepers, and trunks.

Inter-Cluster Trunks (1)

1. Select Menu – “Device > Add a New Device”.
2. Device Type > Trunk.
3. Click Next.

Inter-Cluster Trunks (2)

4. Trunk Type > Inter-Cluster Trunk (Non-Gatekeeper Controlled).
5. Device Protocol > Inter-Cluster Trunk.
6. Next.

Trunks are used by Call Manager to direct calls from the CCM cluster, either via virtual IP paths directly to another CCM, or on to local gateways to PBX, analog or digital trunks.

Inter-Cluster Trunk (Non-Gatekeeper Controlled) - In this case, you explicitly configure a separate inter-cluster trunk for each remote device cluster that the local CCM can call over the IP WAN. You also configure the necessary route patterns and route groups to route calls to and from the various inter-cluster trunks. The inter-cluster trunks statically specify the IP addresses of the remote devices. To choose this method, use Device > Trunk and select Inter-Cluster Trunk (Non-Gatekeeper Controlled) in CCM Administration.

NOTE: For a local non-gatekeeper-controlled inter-cluster trunk, you must specify the IP addresses of all remote CCM nodes that belong to the device pool of the remote non-gatekeeper-controlled inter-cluster trunk.

Inter-Cluster Trunk (Gatekeeper Controlled) - In this case, a single inter-cluster trunk suffices for communicating with all remote clusters. Similarly, a single H.225 trunk is needed to communicate with any H.323 gatekeeper-controlled endpoints. You also configure route patterns or route groups to route the calls to and from the gatekeeper. In this configuration, the gatekeeper dynamically determines the appropriate IP address for the destination of each call to a remote device, and the local Cisco CallManager uses that IP address to complete the call.

Inter-Cluster Trunks (3)

7. Device Name > IP Address of distant-end Call Manager.
8. Description > Optional Text.
9. Device Pool > Select Device Pool you created.
10. Call Classification > Use system Default.
11. Server 1 IP Address/Host Name > IP Address of distant-end Call Manager.
12. Click Insert and then Reset Trunk.

The following is a description of the main items needed to configure an Inter-Cluster trunk (non-GK controlled):

• Device Name – A unique identifier for the trunk.

• Device Pool - For trunks, device pools specify a list of CCMs that the trunk uses to distribute the call load dynamically.

• Call Classification - This parameter determines whether an incoming call through this trunk is considered off the network (OffNet) or on the network (OnNet). In a traditional network, it refers to whether the call is staying inside the CCM network or outside to the PSTN. In the tactical network, it refers to leaving the CCM network for either a PBX or DSN system.

• Media Termination Point Req’d - Indicate whether a media termination point (MTP) is used to implement features that H.323 does not support (such as hold and transfer). This setting is commonly used in conjunction with trunks to Call Manager Express.

• Server 1 IP Address/Host Name – This will be the IP address of the destination CCM. It is strongly recommended to use an IP address vs. using a hostname to remove the risk of DNS failures.

Inter-Cluster Trunk Lab

1. Create a G.729 Region and give it a name.

2. Create and name a New Device Pool then add the G.729 Region.

3. Create an Inter-Cluster Trunk to each CCM in the Network, add the Device pool to each Trunk.

Route Lists & Route Groups (1)

A single Route Pattern can be attached directly to a Gateway/Trunk or Route List containing multiple Gateways or Trunks.

Similar to a preference number on a dial peer.

[Diagram labels: Route Pattern, Route List, Route Group, Gateway, Inter-Cluster Trunk, Distant End]

Route Lists and Route Groups are very similar to a preference number on a Dial Peer. They are used when you have one Route Pattern that can send digits out of your Call Manager through more than one output (Trunks/Gateways). Route Groups are prioritized lists of Trunks and/or Gateways. Route Lists are prioritized lists of Route Groups. Once you have the Route Groups and Route Lists set up, the Route Lists are then attached to Route Patterns.

Route Lists & Route Groups (2)

NOTE: Disassociate all Route Patterns from Trunks and Gateways before proceeding.

1. Go to Route Plan> Route/Hunt> Route Group
2. Click Add new Route Group
3. Name the Route Group (RG and then name of distant end)
4. Highlight the available Device and then click Add to Route Group
5. Click Insert

Route Lists & Route Groups (3)

1. Go to Route Plan> Route/Hunt> Route List.
2. Click Add a new route List.
3. Name the Route List (RL then the name of distant end).
4. Choose “Default” for the Cisco Call Manager Group.
5. Click Insert.
6. Click Add Route Group.
7. Choose a Route Group.
8. Click Insert.
9. Apply Route Lists to the correct Route Patterns.

Route Pattern Configuration

Open Route Plan > Route Hunt > Route Pattern.

1. Click Add a New Route Pattern.
2. Route Pattern.
3. Numbering Plan.
4. Gateway or Route List.
5. De-Select Provide Outside Dial Tone.
6. Click Insert.

A route pattern comprises a string of digits (an address) and a set of associated digit manipulations that route calls to a route list or a gateway. Route patterns provide flexibility in network design. They work in conjunction with route filters and route lists to direct calls to specific devices and to include, exclude, or modify specific digit patterns.

Common Wildcard Characters:

• @ - The at symbol (@) wildcard matches all NANP numbers.
• X – The X wildcard matches any single digit in the range 0 through 9. (NOTE that this is a capital letter X)
• ! – The exclamation point (!) wildcard matches one or more digits in the range 0 through 9.
• ? - The question mark (?) wildcard matches zero or more occurrences of the preceding digit or wildcard value.
• [ - ] - The square bracket ([ ]) characters enclose a range of values. The hyphen (-) character, used with the square brackets, denotes a range of values.

Important fields to note are:

Gateway or Route List – Choose the gateway or route list for which you are adding a route pattern.

Call Classification – The same as in the trunk field.

Provide Outside Dial Tone - This check box gets automatically checked when Call Classification is set to OffNet, providing outside dial tone. To route the call in the network, leave the check box unchecked.

Urgent Priority - If the dial plan contains overlapping route patterns, Cisco CallManager would not route the call until the interdigit timer expires (even if it is possible to dial a sequence of digits to choose a current match). Check this check box to interrupt interdigit timing when Cisco CallManager must route a call immediately.
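The wildcard characters and the overlapping-pattern behavior described above can be checked offline before a dial plan is entered. The following is an added example, not Cisco code: it models only the X, !, ? and [ - ] wildcards as listed above (the @ wildcard is rejected because it needs a numbering plan), and the pattern “6605!” and the status names are constructed for illustration.

```python
DIGITS = frozenset("0123456789")


def expand_range(body):
    """Expand the inside of [ ], such as "2-5" or "135", into a digit set."""
    chars, i = set(), 0
    while i < len(body):
        if i + 2 < len(body) and body[i + 1] == "-":
            low, high = body[i], body[i + 2]
            if low not in DIGITS or high not in DIGITS or low > high:
                raise ValueError(f"bad range {low}-{high}")
            chars.update(str(d) for d in range(int(low), int(high) + 1))
            i += 3
        elif body[i] in DIGITS:
            chars.add(body[i])
            i += 1
        else:
            raise ValueError(f"unsupported character {body[i]!r} in [ ]")
    if not chars:
        raise ValueError("empty [ ] range")
    return frozenset(chars)


def parse_pattern(pattern):
    """Return a list of (allowed_digits, repeatable) tokens for a pattern."""
    tokens, i = [], 0
    while i < len(pattern):
        ch = pattern[i]
        if ch in DIGITS:
            tokens.append((frozenset(ch), False))
        elif ch == "X":    # any single digit; capital X only
            tokens.append((DIGITS, False))
        elif ch == "!":    # one or more digits: one required, then repeats
            tokens += [(DIGITS, False), (DIGITS, True)]
        elif ch == "?":    # zero or more of the preceding digit or wildcard
            if not tokens or tokens[-1][1]:
                raise ValueError("'?' must follow a digit, X or [ ] range")
            tokens[-1] = (tokens[-1][0], True)
        elif ch == "[":
            end = pattern.find("]", i)
            if end == -1:
                raise ValueError("unclosed '['")
            tokens.append((expand_range(pattern[i + 1:end]), False))
            i = end
        else:              # includes '@', which needs a numbering plan
            raise ValueError(f"unsupported character {ch!r}")
        i += 1
    return tokens


def match_state(pattern, dialed):
    """Return (complete, extendable) for the digits dialed so far."""
    tokens = parse_pattern(pattern)
    end = len(tokens)

    def closure(states):
        # A repeatable token may be skipped, so its successor is reachable.
        seen, stack = set(), list(states)
        while stack:
            s = stack.pop()
            if s not in seen:
                seen.add(s)
                if s < end and tokens[s][1]:
                    stack.append(s + 1)
        return seen

    states = closure({0})
    for ch in dialed:
        moved = set()
        for s in states:
            if s < end and ch in tokens[s][0]:
                moved.add(s if tokens[s][1] else s + 1)
        states = closure(moved)
    return end in states, any(s < end for s in states)


def route_decision(dialed, patterns, urgent=()):
    """Classify the dialed digits against every pattern in the dial plan."""
    complete = [p for p in patterns if match_state(p, dialed)[0]]
    pending = [p for p in patterns if match_state(p, dialed)[1]]
    if any(p in urgent for p in complete):
        return "route", complete      # Urgent Priority: do not wait
    if complete and pending:
        return "overlap", complete    # held until the interdigit timer expires
    if complete:
        return "route", complete
    if pending:
        return "collect", []          # keep collecting digits
    return "no-match", []


if __name__ == "__main__":
    plan = ["66052XX", "6605!"]       # second pattern is constructed
    print(route_decision("6605212", ["66052XX"]))
    print(route_decision("6605212", plan))
    print(route_decision("6605212", plan, urgent={"66052XX"}))
```

An “overlap” result identifies the dialed strings for which callers would wait on the interdigit timer, which is where the Urgent Priority check box or a tighter pattern is worth considering.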


Route Plan Report

To access the Route Plan Report, go to Route Plan > Route Plan Report and then click Find. All of your Route Patterns will be displayed with the path they use to send digits through your Call Manager; the report also shows which Directory Numbers are attached to which device. As you can see above, it shows that Route Pattern “66052XX” will send digits to Route List “RL to BCP_66052_ST2R”, then to Route Group “RG to BCP_66052_ST2R”, and finally send the digits out Inter-Cluster Trunk “22.230.44.253”. The Route Plan Report is valuable as a troubleshooting tool and as a reference if you lose track of what is connected to what.


Route Lists & Route Group Lab

1. Create a G.729 Region and apply to a New Device Pool.

2. Configure an Inter-Cluster Trunk with the above Device Pool and to each other station.

3. Create Route Groups for each Inter-Cluster Trunk and Gateway.

4. Create a Route List for each Route Group.

5. Create Route Patterns to each station and apply the Route Patterns to the correct Route List.

6. Verify settings with the Route Plan Report.


H.323 Gateway CCM Configuration

1. Click on Device and Choose Gateway.
2. Select Add a New Gateway.
3. For gateway type, select “H.323 Gateway”. The device protocol will automatically change to “H.225”.
4. Click Next.
5. Change the Device Name to your VLAN 58 IP address (location of POTS phones). The IP address will automatically become the description.
6. Device Pool should be set to default.
7. Call Classification should be set to “Use System Default”.
8. Click Insert.
9. Create a route pattern that points to your POTS phones and attach the H.323 gateway to it.


Router# config t
Router(config)# gateway
Router(config-gateway)# ex
Router(config)# dial-peer voice 10 voip
Router(config-dial-peer)# preference 1
Router(config-dial-peer)# destination-pattern .T
Router(config-dial-peer)# session target ipv4:22.230.40.252
Router(config-dial-peer)# codec g711ulaw
Router(config-dial-peer)# no vad

H.323 Gateway Router Config

Under Global Configuration mode, enter the Gateway command to make the router a Gateway. Add a new dial peer pointing to your Call Manager server. Use a .T destination pattern; by doing this, any numbers dialed that do not match any previous dial peers will be forwarded to the Call Manager. Try calling your POTS phone from your IP phone and vice versa.


H.323 Gateway Lab

1. Create an H.323 Gateway to your local router.

2. Create a Route Pattern and attach the Gateway or Route List to the Route Pattern.

3. Create a VOIP Dial Peer to your Call Manager.

4. Verify Gateway by calling your POTS phones from your VOIP phones.


MGCP Gateway T1

Configure T1 CCM MGCP Gateway using the 2811 Router as a gateway:

1. Select “Device” then “Gateway” then “Add a New Gateway”. Gateway Type is “2811” (router), Device Protocol is automatically filled in. Click “Next”.

2. Domain Name is the “Host Name of Router” and Domain (if configured) of the 2811 Router and is “Case Sensitive”.

3. CCM Group is “Default”.

4. In the Installed Voice Interface Cards, Module in slot 0 is “NM-4VWIC-MBRD”.

5. Global ISDN Switch type is “None” and Click “Insert”.

NOTE: The next steps are dependent on which slot the card is located in. If the FXO is removed and the T1 inserted in its place the next two steps will work.

6. In “Sub Unit 3” it should be “VWIC2-2MFT-T1E1-T1”.

7. Click “Update”.

Configure T1:

8. In the “Endpoint Identifier” Section Click on the Endpoint “0/3/0” (IF the T1 card is located in that slot).

9. The Device Protocol is “T1-CAS”.


10. Device Pool is “Default”. Leave all other settings default. You can scroll down to the “Product Specific Configuration” Section and change the Clock Source if necessary.

11. Click “Insert”.

12. From the right-hand column (PORTS) click “Add a New Port” (DS0-Group).

• The “Port Type” is EANDM (E&M)
• The “Beginning Port Number” is “Port-1”
• The “Ending Port Number” is “Port-6”
• Under the Port Details Section the “Caller ID Type” is “DNIS”
• The Number of Digits are “7”
• The Expected Digits are “7”

13. Click “Insert” then “Update” and “Reset Gateway”.

To configure FXO MGCP, continue on the next page; if not configuring FXO, continue to Router Configuration.


MGCP Gateway FXO

To Configure an FXO MGCP Gateway:

NOTE: The first step is dependent on which slot the card is located in. If the T1 is removed and the FXO is inserted in its place, step one will work.

1. After completing steps 1-5 in the T1 MGCP LAB, Configure “Sub Unit 3” as “VIC2-2FXO”.
2. Click Update.
3. In the “Endpoint Identifier” Section “Click” on the Endpoint “0/3/0” (If the card is located in that slot).
4. The “Port Type” is “Loop Start”.
5. Device Pool is “Default”.
6. Scroll down to Port Information.
7. The Port Direction is “Bothways”.
8. The Attendant DN is the “DN” of a phone you wish to use as an Operator to receive incoming calls from the PSTN.
9. Click “Insert” then “Update” and “Reset Gateway”.

CCM MGCP Gateway configuration is complete, now we must configure our Gateway Device (router).


Router: Config t> configure the following command lines:

Note: replace “CCM-IP” with your CCM IP Address

mgcp call-agent “CCM-IP” service-type mgcp
mgcp dtmf-relay voip codec all mode out-of-band
mgcp rtp unreachable timeout 1000 action notify
mgcp modem passthrough voip mode nse
mgcp package-capability rtp
mgcp package-capability sst
mgcp sdp simple

ccm-manager mgcp
ccm-manager config server “CCM-IP”
ccm-manager config

MGCP Router Config T1, FXO & FXS

NOTE: The following Example Dial-Peer will be created by MGCP:
Dial-peer voice 9991 pots
Service mgcpapp
Port 0/3/0 or the slot # of the associated card

NOTE: To view the MGCP Configuration use the following Command: show ccm-manager. While viewing the statistics of the CCM-Manager, ensure the Call Manager has a “Registered” Status and a “Successful” Configuration Download.

NOTE: To “RESET” the MGCP Service use the following commands:
(config t) no mgcp (wait for console msgs)
(config t) mgcp

NOTE: After the last ccm-manager line, if the CCM configs are already done, you should see console messages of the router and server communicating with each other.

MGCP Gateway Configuration is complete.


MGCP Gateway Lab

1. Create an MGCP Gateway in Call Manager for either T1 or FXO.

2. Configure MGCP settings in your local router.

3. Verify MGCP Gateway with the “sh ccm-manager” command.


Cisco Call Manager Advanced Features


Ad-Hoc Conference Calls

• All Call Managers have a Software Conference Bridge enabled by default.

• You can create AD-HOC conferences from the features buttons on your VOIP Phone.

1. During a call with Instructor 1, use the features soft-keys under the display and press More > Confrn.

2. Dial Desired Conference Member (Instructor 2).

3. When Instructor 2 answers, talk privately with him to explain the reason for the call.

4. Press Confrn Soft-Key to conference with both Instructors.

5. Use Confrn feature key to add more members (up to 15 total).

NOTE: The default Max Conference is 4; it can be changed up to 15. To change this go to Service>Service Parameters, Choose Call Manager and Scroll down to Maximum Adhoc Conference and change the Value to 15. Also, change Maximum Meet Me Conference Unicast to 15.

Ad-Hoc conference calls are a manual method of creating a conference. This method requires that one of the callers on the conference call each other participant and join them to the conference call. Initiate ad hoc conferences in two ways: put a call on hold, dial another participant, and conference additional participants; or join established calls by using the Select and Join softkeys.

The conference controller controls ad hoc conferences. When you initiate an ad hoc conference, CCM considers you the conference controller. In an ad hoc conference, only a conference controller can add participants to a conference. If sufficient streams are available on the conference device, the conference controller can add up to the maximum number of participants that is specified for ad hoc conferences to the conference. (Configure the maximum number of participants for an ad hoc conference in CCM Administration, CCM Service Parameters Configuration, by using the Maximum Ad Hoc Conference service parameter setting.) CCM supports multiple, concurrent ad hoc conferences on each line appearance of a device.

When the conference controller initiates a conference call, Cisco CallManager places the current call on hold, flashes the conference lamp (if applicable), and provides dial tone to the user. At the dial tone, the conference controller dials the next conference participant and, when the user answers, presses the Conference softkey again to complete the conference. Cisco CallManager then connects the conference controller, the first participant, and the new conference participant to a conference bridge. Each participant's Cisco IP Phone display reflects the connection to the conference.

The conference controller can drop the last conference participant from the conference by pressing the RmLstC softkey on the Cisco IP Phone model 7960 or 7940. If a conference participant transfers the conference to another party, the transferred party becomes the last conference participant in the conference. If a conference participant parks the conference, the participant becomes the last party in the conference when the participant picks up the conference. When only two participants remain in the conference, Cisco CallManager terminates the conference, and the two remaining participants reconnect directly as a point-to-point call.

Participants can leave a conference by simply hanging up. A conference continues even if the conference controller hangs up, although the remaining conference participants cannot add new participants to the conference.


Meet-Me Conference Calls

1. CallManager Administrator Creates Meet-Me Conference Number(s)
– Feature > Meet-Me Number > Add a New Meet-Me Number

2. Conference controller:
– Picks up a Phone
– Presses the More Feature Soft-Key and selects Meet-Me
– Dials a Meet-Me Conference Number

3. Conference Members Dial the Meet-Me conference number to join the conference

NOTE: Conference is active after Conference Controller hangs up as long as there are at least two conference members.

Meet-me conferences require that a range of directory numbers be allocated for exclusive use of the conference. When a meet-me conference is set up, the conference controller chooses a directory number and advertises it to members of the group. The users call the directory number to join the conference. Anyone who calls the directory number while the conference is active joins the conference. (This situation applies only when the maximum number of participants that is specified for that conference type has not been exceeded and when sufficient streams are available on the conference device.)

When you initiate a meet-me conference by pressing Meet-Me on the phone, CCM considers you the conference controller. The conference controller provides the directory number for the conference to all attendees, who can then dial that directory number to join the conference. If other participants in a meet-me conference press Meet-Me and the same directory number for the conference bridge, the CCM ignores the signals. The conference controller chooses a directory number from the range that is specified for the conference device.

The Meet-Me numbers should be published to the directory so that users know how to dial onto the conference bridge. While the Meet-Me can be created as a single masked entry, creating multiple numbers in the process, each number should be listed in the published directory with its own purpose. For example, the first number is reserved for the Commander’s Conference, the next is the XO’s conference, and another could be the network engineer’s bridge number. This does not prevent someone else from using or dialing onto the bridge; to restrict access, add the Meet-Me numbers to a partition and use Class of Control.

NOTE: A conference continues even if the conference controller hangs up.


Call Manager Media Resources (1)

Calls using G.729 cannot join conferences because the software conference bridge in the Call Manager only supports G.711.

The default Software Conference Bridge in Call Manager currently supports the G.711 codec. In our voice network, we are using G.729 across the Inter-Cluster Trunks. Therefore, when a call comes into your Call Manager through an Inter-Cluster Trunk, it is using G.729; because of this, the call cannot connect to the Conference. This is also true if you set up one of your local phones to use G.729. There are a couple of approaches to correct the problem. You can set the Inter-Cluster Trunks to use G.711; this will work fine, but only if you have plenty of bandwidth on your WAN. Another way to fix it is to tell the Call Manager to use transcoding resources on the router (PVDM module) to transcode the call from G.729 to G.711 so it can join the conference.


Call Manager Media Resources (2)

voice-card 0
dspfarm
dsp services dspfarm

sccp local vlan58
sccp ccm 22.230.72.253 identifier 1 version 4.1
sccp

dspfarm profile 1 transcode
codec g729r8
maximum sessions 2
associate application sccp
no shut

dspfarm profile 2 mtp
codec g711ulaw
maximum sessions software 8
associate application sccp
no shut

sccp ccm group 1
associate ccm 1 priority 1
associate profile 1 register xcode001
associate profile 2 register mtp001

NOTE: All of the above commands are entered in Global Configuration mode.


Call Manager Media Resources (3)

• Configure a Transcoder:

1. Go to Service> Media Resource> Transcoder
2. Select Add a New Transcoder
3. Select Cisco IOS Enhanced Media Termination Point for the Transcoder Type
4. For Device name enter “xcode001” (name you registered on the router)
5. Select Default Device Pool
6. Click Insert

• Configure a Media Termination Point (MTP):

1. Go to Service> Media Resource> Media Termination Point
2. Select Add a New Media Termination Point
3. Select Cisco IOS Enhanced Media Termination Point for the Media Termination Point type
4. For Media Termination Point Name enter “mtp001” (name you registered on router)
5. Select Default Device Pool
6. Click Insert


Call Manager Media Resources (4)


1. Call Manager that is hosting the conference detects incoming call is G.729

2. Call is now sent to router for transcoding (G.729>G.711)

3. Call that was originally G.729 now joins the conference using the G.711 codec

With the Transcoder configured, a G.729 call that is trying to join the Conference will now be sent back to the router to be transcoded before joining the conference.


Media Resource Lab

1. Configure Router.

2. Configure Transcoder on the Call Manager.

3. Configure Media Termination Point on the Call Manager.

4. Verify lab using the “sh dspfarm all” command.


Class Of Control

• Class of Control: Assigning levels of authorization to a user’s line(s) or device(s).

• Class of Service: A list of calling permissions and restrictions.
– Partitions: A partition comprises a logical grouping of directory numbers (DNs) and route patterns with similar reachability characteristics. (Where you are)
– Calling Search Spaces: Calling search spaces determine the partitions that calling devices can search when attempting to complete a call. (Where you can call)
– Time of Day: When you can call

Class of control is a term that Cisco uses to refer to the abilities of Call Manager in restricting or permitting a user or device access to features or routes. Within class of control is class of service, which includes the elements partitions, calling search spaces (CSS), and Time of Day as mechanisms to enact controls within the system.

Partitions - A partition comprises a logical grouping of directory numbers (DNs) and route patterns with similar reachability characteristics. Devices that are typically placed in partitions include DNs and route patterns. These entities associate with DNs that users dial. For simplicity, partition names usually reflect their characteristics, such as “pnInterAreaCode”, “pnCommLD”, “pnIntraAreaCode”, “pnLocal”.

Calling Search Space - A calling search space comprises an ordered list of partitions that users can look at before users are allowed to place a call. Calling search spaces determine the partitions that calling devices, including IP phones, soft phones, and gateways, can search when attempting to complete a call. Examples, used in conjunction with the above named partitions could be

NOTE: Calling Search Spaces can have multiple partitions, or even single partitions as members. In addition, partitions can be used in multiple CSS groups.


Partitions & Calling Search Spaces

[Figure labels: Route Pattern, Calling Search Space, Partitions]

With the use of Partitions and Calling Search Spaces, you can restrict or allow users to dial certain numbers. Partitions can either be locks or keys depending on where they are placed in your Call Manager. If you apply a Partition to a Route Pattern or a Phone Line, it acts as a lock. If you apply a Partition to a Calling Search Space, it acts as a key. When you create a Calling Search Space, you are creating a key ring. When you apply Partitions to a Calling Search Space, you are essentially placing keys on a key ring. If a phone is trying to dial a Route Pattern or another phone that has a Partition (lock) on it, it needs the correct Calling Search Space (set of keys).


Partitions

NOTE: Each Line is a separate partition

1. Go to Route Plan>Class of Control>Partition.
2. Click Add new Partition.
3. Enter the above partitions and descriptions with a comma separating the name and description:
onsite, local CCM Calling
offsite, Intercluster Calling
DSN, Defense Switching Network
4. Click insert.

NOTE: Up to 75 Partitions can be added at one time. Remember, one partition per line.


Calling Search Space

1. Go to Route Plan>Class of Control>Calling Search Space.
2. Click Add new Calling Search Space.
3. Enter “Local Dialing” for the name.
4. Move the Onsite partition from “Available Partitions” to “Selected Partitions” by highlighting it and clicking the down arrow.
5. Click Insert.
6. Repeat steps 2-5 and use the name “Inter-Cluster Dialing” for the Calling Search Space. Move the Onsite and Off Site partitions from “Available Partitions” to “Selected Partition”, click Insert.
7. Repeat steps 2-5 and use the name “Gateway Access” for the Calling Search Space. Move the Onsite, Off Site and DSN partitions from “Available Partitions” to “Selected Partition”, click Insert.


Route Patterns

[Figure labels: FXO Route Pattern; Existing Route Patterns to Other CCMs]

1. Create a Route Pattern for DSN access; use a Route Pattern of “9.755XXXX” and assign the “DSN” partition to it. The “9” will require users to dial it to get an outside line.
2. The Gateway or Route list will be your H.323 Gateway.
3. Scroll down to “Discard Digits” and select “PreDot”. This means that any digits before the dot in the Route Pattern will be deleted before the digits are forwarded. In this case, when a user dials “9” for DSN access it will be deleted when the digits are sent to the router.
4. Assign the “OFFSITE” partition to all of the existing route patterns that are pointed to other CCMs.


Trunk and Directory Number Config

1. Add the “Inter-Cluster Dialing” Calling Search Space under “Inbound Calls” for all your trunks to other CCMs.

2. Under your phone configuration:
• Set line 1’s Partition to “ONSITE” and the Calling Search Space to “Local Dialing”
• Set line 2’s Partition to “OFFSITE” and the Calling Search Space to “Inter-Cluster Dialing”
• Set line 3’s Partition to “DSN” and the Calling Search Space to “Gateway Access”


POTS Dial Peer to PSTN for H.323 Gateway

Router#
Router#config t
Router(config)#dial-peer voice 20 pots
Router(config-dial-peer)#destination-pattern 755....
Router(config-dial-peer)#no digit-strip
Router(config-dial-peer)#port 0/3/0

NOTE: The existing .T dial peer to your CCM will also be used:

Router#
Router#config t
Router(config)#dial-peer voice 10 voip
Router(config-dial-peer)#destination-pattern .T
Router(config-dial-peer)#session target ipv4:22.230.40.252
Router(config-dial-peer)#codec g711ulaw
Router(config-dial-peer)#no vad

Enter the above Dial Peer so that your router knows where to send digits destined for the PSTN simulator (DSN). The “.T” Dial Peer that was created earlier in the course will handle calls from the PSTN simulator to Call Manager. At this point, line one on your phone should only be able to call locally. Line two can call locally and to other Call Managers. Line three can call locally, to other Call Managers, and to the PSTN Simulator.
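The lock-and-key behaviour of the partitions and calling search spaces configured above, as an added example that is not part of the original courseware: it resolves dialed digits for each of the three lab calling search spaces and flags patterns left without a partition. The directory numbers 6607001 to 6607003, the destination labels and the “leaky” plan are constructed; first-match lookup is a simplification of CallManager's digit analysis, and the rule that an unpartitioned pattern is reachable from every calling search space is standard CallManager behaviour rather than something this page states.

```python
import re

# Calling search spaces from the lab: each is a list of partitions (the key ring).
CSS = {
    "Local Dialing": ["onsite"],
    "Inter-Cluster Dialing": ["onsite", "offsite"],
    "Gateway Access": ["onsite", "offsite", "DSN"],
}

# (pattern, partition, destination); partition None means none was assigned.
# 66052XX and 9.755XXXX are from the page; the three DNs are constructed.
DIAL_PLAN = [
    ("6607001", "onsite", "line 1"),
    ("6607002", "offsite", "line 2"),
    ("6607003", "DSN", "line 3"),
    ("66052XX", "offsite", "inter-cluster trunk"),
    ("9.755XXXX", "DSN", "H.323 gateway"),
]

def matches(pattern, dialed):
    """Minimal matcher: X is one digit, '.' is only a separator."""
    rx = "".join("[0-9]" if c == "X" else re.escape(c)
                 for c in pattern if c != ".")
    return re.fullmatch(rx, dialed) is not None

def resolve(css_name, dialed, plan=DIAL_PLAN):
    """Return the destination a caller with this calling search space reaches,
    or None when no pattern in a reachable partition matches."""
    # A pattern with no partition (the lock is missing) opens for every key ring.
    keys = set(CSS[css_name]) | {None}
    for pattern, partition, destination in plan:
        if partition in keys and matches(pattern, dialed):
            return destination
    return None

def reach_matrix(numbers, plan=DIAL_PLAN):
    """For each calling search space, the destination reached per dialed number."""
    return {css: [resolve(css, n, plan) for n in numbers] for css in CSS}

def unpartitioned(plan):
    """Audit helper: patterns that any phone, trunk or gateway can reach."""
    return [pattern for pattern, partition, _ in plan if partition is None]

# Constructed misconfiguration: the DSN route pattern was saved without a partition.
LEAKY_PLAN = [(p, None if p == "9.755XXXX" else part, d)
              for p, part, d in DIAL_PLAN]

if __name__ == "__main__":
    dialed = ["6607001", "6605212", "97551234"]
    for css, reached in reach_matrix(dialed).items():
        print(css, dict(zip(dialed, reached)))
    print("unpartitioned patterns:", unpartitioned(LEAKY_PLAN))
    print("Local Dialing on leaky plan:",
          resolve("Local Dialing", "97551234", LEAKY_PLAN))
```

The last line of output shows the failure mode to check for after the lab: with the partition missing, a line restricted to “Local Dialing” still reaches the H.323 gateway.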


Class of Service Lab

1. Create Partitions.

2. Create Calling Search Spaces and add Partitions.

3. Apply Partitions to Route Patterns.

4. Apply Calling Search Spaces to Inter-Cluster Trunks for inbound calls.

5. Apply Partitions and Calling Search Spaces to individual lines on phones.


Call Routing Problem

Question: What happens when an Invalid number is dialed?

Answer: All T1s would be locked out. This is known as “Ring around the Rosey.”

[Figure: Legacy or Redcom and NT2R joined by a T-1. Labels: “Default call route is sent to Redcom”; “Default Call Route is sent to Voice Gateway Router”.]

This slide illustrates an issue that occurs within the NIPR side of the WIN-T network voice system. There is a T-1 connection going from the Tier 2 router, acting as a gateway device for the CCM, to the Redcom IGX. If the partitions and calling search spaces are not built and added to the Route and phones as defined in subsequent paragraphs, ring around the rosey will tie up all the T1 DS0s between the REDCOM IGX-C and the Tier 2 router when an invalid number is dialed. The T1 DS0s are released when the person calling the invalid number goes on-hook. This condition will cause denial of service to any new VoIP calls. It is imperative that the Partition and Calling Search Space are set up and properly assigned to the Route Pattern, IP phone lines, and VG-248 lines. In addition to the configuration requirements listed, the Redcom strips some digits when it receives an inbound dial pattern from the CCM, so that if the pattern has no specific match (and matches the default pattern) and the call is rerouted back to the CCM router, the call is dropped due to a no-match condition.


MLPP (1)

Introduction To Multilevel Precedence and Preemption

• Cisco Call Manager implements MLPP by the use of dedicated Translation Patterns:
– The calling party’s Calling Search Space (CSS) is used to permit / restrict the user’s ability to dial a precedence pattern when making a call attempt.
– The CCM assigns the precedence level to a call based on the dialed pattern matched.
– The use of CSS, partitions, and patterns can be used to generate the Precedence Level.
– Unauthorized Precedence Announcement for call attempts that exceed a user’s authorized precedence level.

The Multilevel Precedence and Preemption (MLPP) service allows properly validated users to place priority calls. If necessary, users can preempt lower priority phone calls. Precedence designates the priority level that is associated with a call. Preemption designates the process of terminating lower precedence calls that are currently using the target device, so a call of higher precedence can be extended to or through the device. An authenticated user can preempt calls either to targeted stations or through fully subscribed time-division-multiplexing (TDM) trunks. This capability assures high-ranking personnel can communicate to critical organizations and personnel during network stress situations, such as an emergency or degraded network situation.


MLPP (2)

Precedence priorities are as follows:
– Flash Override
– Flash
– Immediate
– Priority
– Routine

MLPP Precedence Levels

Precedence Level    9X Dialing Format
Flash Override      90
Flash               91
Immediate           92
Priority            93
Routine             94

Dialing with no Precedence    Dialing with Precedence
660-7232                      9[0-4]- 660-7232
312-660-7232                  9[0-4]- 312-660-7232
98-312-660-7232               9[0-4]- 98-312-660-7232


MLPP

Preemption

– User Access Channel Preemption—This type of preemption applies to phones and other end-user devices. In this type of preemption, if a called user access channel needs to be preempted, both the called party and the parties to which it is connected receive preemption notification, and the existing MLPP call gets cleared immediately. The called party must acknowledge the preemption before the higher precedence call completes. The called party then gets offered the new MLPP call. If the called party does not acknowledge the preemption, the higher precedence call does proceed after 30 seconds.

– Common Network Facility Preemption—This type of preemption applies to trunks. This type of preemption means that the network resource is busy with calls, some of which are of lower precedence than the call that the calling party requests. One or more of these lower precedence calls gets preempted to complete the higher precedence call.

The preemption process terminates lower precedence calls that are currently using the target device, so a call of higher precedence can be extended to or through the device. Preemption includes the notification and acknowledgement of preempted users and the reservation of shared resources immediately after preemption and prior to call termination. Preemption can take one of the following forms, depending on which method is invoked.

NOTE: Ensure that all devices that a call uses to preempt an existing call are preemption enabled. Because it is not sufficient for the calling and called devices (phones) to be preemption enabled, ensure that the gateways that are used for the call also are preemption enabled.


Configure Enterprise Parameters

MLPP first must be enabled through Enterprise Parameters.

1. Go to System > Enterprise Parameters, scroll down to MLPP Parameters, and change the following:

• MLPP Indication Status set to on
• MLPP Preemption Setting set for Forceful Preemption
• Click Update

NOTE: These settings can also be changed on the Device and through Device Pools. When changing the above settings in Enterprise Parameters, leave these settings on default for the devices and Device Pools.


MLPP Partitions

NOTE: Remove all prior Partitions and Calling Search Spaces from all devices, i.e., Trunks, Gateways, Route Patterns, Translation Patterns, Phones, and Lines.

1. Go to Route Plan > Class of Control > Partition.
2. Click Add a New Partition.
3. Enter the following Partitions with Descriptions:

• Routine_PART, Routine Partition
• Priority_PART, Priority Partition
• Immediate_PART, Immediate Partition
• Flash_PART, Flash Partition
• FlashOveride_PART, Flash Overide Partition
• UPA_PART, Unauthorized Precedence Announcement

Click Insert.


Routine Calling Search Space

Order Does Matter!!!

Create the Calling Search Spaces.

1. Go to Route Plan > Class of Control > Calling Search Space.
2. Click Add New Calling Search Space.
3. Enter “CSS Routine” for the name and “Routine Calling Search Space” for the Description.
4. Place the Routine and UPA Partitions in the bottom box. Remember Order Does Matter!
5. Click Insert.


Priority Calling Search Space

Create the Calling Search Spaces.

1. From the Routine Calling Search Space, click Copy.
2. Enter “CSS Priority” for the name and “Priority Calling Search Space” for the Description.
3. Place the Routine, Priority, and UPA Partitions in the bottom box. Remember Order Does Matter!
4. Click Insert.


Immediate Calling Search Space

Create the Calling Search Spaces.

1. From the Priority Calling Search Space, click Copy.
2. Enter “CSS Immediate” for the name and “Immediate Calling Search Space” for the Description.
3. Place the Routine, Priority, Immediate, and UPA Partitions in the bottom box. Remember Order Does Matter!
4. Click Insert.


Flash Calling Search Space

Create the Calling Search Spaces.

1. From the Immediate Calling Search Space, click Copy.
2. Enter “CSS Flash” for the name and “Flash Calling Search Space” for the Description.
3. Place the Routine, Priority, Immediate, Flash, and UPA Partitions in the bottom box. Remember Order Does Matter!
4. Click Insert.


Flash Override Calling Search Space

Create the Calling Search Spaces.

1. From the Flash Calling Search Space, click Copy.
2. Enter “CSS Flash Overide” for the name and “Flash Overide Calling Search Space” for the Description.
3. Place the Routine, Priority, Immediate, Flash, Flash Override, and UPA Partitions in the bottom box. Remember Order Does Matter!
4. Click Insert.


Routine Translation Pattern

Create the Translation Patterns

1. Go to Route Plan > Translation Pattern.
2. Click Add a New Translation Pattern.
3. Enter “94.660(your station number)XX” for the Translation Pattern.
4. Select the “Routine_PART”.
5. Enter “Routine Level Call” for the description.
6. Set the MLPP Precedence to Routine.
7. Uncheck the “Provide Outside Dial Tone” box.
8. Set the Discard Digits to “PreDot”.
9. Click Insert.


Priority Translation Pattern

Create the Translation Patterns

1. Go to Route Plan > Translation Pattern.
2. Click Add a New Translation Pattern.
3. Enter “93.660(your station number)XX” for the Translation Pattern.
4. Select the “Priority_PART”.
5. Enter “Priority Level Call” for the description.
6. Set the MLPP Precedence to Priority.
7. Uncheck the “Provide Outside Dial Tone” box.
8. Set the Discard Digits to “PreDot”.
9. Click Insert.


Immediate Translation Pattern

Create the Translation Patterns

1. Go to Route Plan > Translation Pattern.
2. Click Add a New Translation Pattern.
3. Enter “92.660(your station number)XX” for the Translation Pattern.
4. Select the “Immediate_PART”.
5. Enter “Immediate Level Call” for the description.
6. Set the MLPP Precedence to Immediate.
7. Uncheck the “Provide Outside Dial Tone” box.
8. Set the Discard Digits to “PreDot”.
9. Click Insert.


Flash Translation Pattern

Create the Translation Patterns

1. Go to Route Plan > Translation Pattern.
2. Click Add a New Translation Pattern.
3. Enter “91.660(your station number)XX” for the Translation Pattern.
4. Select the “Flash_PART”.
5. Enter “Flash Level Call” for the description.
6. Set the MLPP Precedence to Flash.
7. Uncheck the “Provide Outside Dial Tone” box.
8. Set the Discard Digits to “PreDot”.
9. Click Insert.


Flash Override Translation Pattern

Create the Translation Patterns

1. Go to Route Plan > Translation Pattern.
2. Click Add a New Translation Pattern.
3. Enter “90.660(your station number)XX” for the Translation Pattern.
4. Select the “FlashOveride_PART”.
5. Enter “Flash Override Level Call” for the description.
6. Set the MLPP Precedence to Flash Override.
7. Uncheck the “Provide Outside Dial Tone” box.
8. Set the Discard Digits to “PreDot”.
9. Click Insert.


Unauthorized Translation Pattern

Create the Translation Patterns

1. Go to Route Plan > Translation Pattern.
2. Click Add a New Translation Pattern.
3. Enter “9[0-4].660(your station number)XX” for the Translation Pattern.
4. Select the “UPA_PART”.
5. Enter “Unauthorized Level Call” for the description.
6. Set the MLPP Precedence to Routine.
7. Click Block this pattern and choose “Precedence Level Exceeded”.
8. Click Insert.


Completed Translation Patterns

Once completed, go back to the List of Translation patterns to check your work.


IP Phone Line Configuration

[Figure: line settings for the Phone With Precedence and the Test Phone Without Precedence; callouts: Change Max # of Calls to 2, Change Busy Trigger to 1]

• Phone with Precedence:

NOTE: On all Phone Lines, change the Maximum Number of Calls to “2” and the Busy Trigger to “1”.

1. Choose one of your phones and go into the first line. Set the Calling Search Space to “CSS Routine” and click Update.
2. Go into line two; set the Calling Search Space to “CSS Priority” and click Update.
3. Go into line three; set the Calling Search Space to “CSS Flash Overide” and click Update.

• Test Phone without Precedence: Choose your other phone and go into line one. Scroll down to the Multiple Call / Call Waiting Settings and set both values to one. This will disable call waiting on the phone line; if it is left on, MLPP will not work!


How It Works (1)

Translation Pattern   Precedence       Partition
90.66073XX            Flash Override   FlashOveride_PART
91.66073XX            Flash            Flash_PART
92.66073XX            Immediate        Immediate_PART
93.66073XX            Priority         Priority_PART
94.66073XX            Routine          Routine_PART
9[0-4].66073XX        Unauthorized     UPA_PART

[Figure: 660-7333 has an Outside Call in progress; the user's line has CSS Flash Override; Call Completes]

User cannot call 660-7333 because the line is busy, so the user dials 90-660-7333 to use their Flash Override precedence to preempt the line. The call will complete because this user has the Flash Override CSS.

When the User dials “90-660-7333” the digits match the Flash Override Translation Pattern. The user then accesses the Translation Pattern using the Flash Override Calling Search Space. Once the Call goes through the Translation Pattern, the Outside call will receive a busy tone. The Phone at “660-7333” will hear a Preemption tone and after pressing the Hook Switch, the call will complete between the User and 660-7333.


How It Works (2)

[Figure: the same translation patterns and partitions as on the How It Works (1) slide; 660-7333 has an Outside Call in progress; the user's line has CSS Routine]

User cannot call 660-7333 because the line is busy, so the user dials 90-660-7333 to use Flash Override precedence to preempt the line. The call will not complete because this user does not have the Flash Override CSS.

When the User dials “90-660-7333”, the digits match the Flash Override Translation Pattern. The User cannot access the translation Pattern because they do not have the correct Calling Search Space to unlock the Partition. The Call will then match the UPA Translation Pattern that gives the user a message stating that they do not have the correct Precedence Level.
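The two "How It Works" cases can be reproduced with a small model of the lab's configuration. This is an added example, not part of the course material or Cisco code: the partition, Calling Search Space and pattern names come from the lab steps, while route(), compile_pattern() and the selection rule (closest matching pattern among the partitions the CSS can see, CSS order as tie-break) are assumptions of this simplified sketch.

```python
import re
from math import prod

STATION = "73"  # station number used on the "How It Works" slides

# (pattern, partition, MLPP precedence, blocked?) as entered in the lab steps
TRANSLATION_PATTERNS = [
    (f"94.660{STATION}XX", "Routine_PART", "Routine", False),
    (f"93.660{STATION}XX", "Priority_PART", "Priority", False),
    (f"92.660{STATION}XX", "Immediate_PART", "Immediate", False),
    (f"91.660{STATION}XX", "Flash_PART", "Flash", False),
    (f"90.660{STATION}XX", "FlashOveride_PART", "Flash Override", False),
    (f"9[0-4].660{STATION}XX", "UPA_PART", "Routine", True),
]

LEVELS = ["Routine_PART", "Priority_PART", "Immediate_PART",
          "Flash_PART", "FlashOveride_PART"]
CSS_NAMES = ["CSS Routine", "CSS Priority", "CSS Immediate",
             "CSS Flash", "CSS Flash Overide"]
# Each CSS lists every partition up to its own level, then UPA_PART last.
CALLING_SEARCH_SPACES = {
    name: LEVELS[: i + 1] + ["UPA_PART"] for i, name in enumerate(CSS_NAMES)
}

TOKEN = re.compile(r"\[(\d)-(\d)\]|([0-9X.])")


def compile_pattern(pattern):
    """Return (allowed-digit set per position, count of digits before the dot)."""
    positions, predot = [], 0
    for lo, hi, single in TOKEN.findall(pattern):
        if single == ".":
            predot = len(positions)          # digits so far are "PreDot"
        elif single == "X":
            positions.append(set("0123456789"))
        elif single:
            positions.append({single})
        else:                                 # a [lo-hi] range
            positions.append({str(d) for d in range(int(lo), int(hi) + 1)})
    return positions, predot


def route(dialed, css_name):
    """Resolve dialed digits against the patterns visible through one CSS."""
    digits = re.sub(r"\D", "", dialed)
    css = CALLING_SEARCH_SPACES[css_name]
    candidates = []
    for pattern, partition, precedence, blocked in TRANSLATION_PATTERNS:
        if partition not in css:
            continue  # partition not in this CSS: the pattern is invisible
        positions, predot = compile_pattern(pattern)
        if len(digits) == len(positions) and all(
            d in allowed for d, allowed in zip(digits, positions)
        ):
            breadth = prod(len(allowed) for allowed in positions)
            candidates.append(
                (breadth, css.index(partition), pattern, precedence, blocked, predot)
            )
    if not candidates:
        return {"result": "no match"}
    # Narrowest pattern wins; partition order in the CSS only breaks ties.
    _, _, pattern, precedence, blocked, predot = min(candidates)
    if blocked:
        return {"result": "blocked", "pattern": pattern,
                "reason": "Precedence Level Exceeded"}
    return {"result": "routed", "pattern": pattern,
            "precedence": precedence, "called": digits[predot:]}  # PreDot discard


if __name__ == "__main__":
    for css in ("CSS Flash Overide", "CSS Routine"):
        print(css, "->", route("90-660-7333", css))
```

With the line on “CSS Flash Overide” the 90 pattern is visible and narrower than the UPA pattern, so the call is routed as Flash Override to 6607333; with “CSS Routine” only the blocked UPA pattern matches.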


MLPP Lab

1. Configure Partitions.
2. Configure Calling Search Spaces.
3. Configure Translation Patterns.
4. Set Calling Search Spaces on one phone’s lines.
5. Disable Call Waiting on the Phone you are going to call (Test Phone).
6. Call from your POTS phone to the test phone’s line 1, leave the call running and use line 1 on the precedence phone to try to Flash Override line 1 (dial 90 first) on the test phone. Did it work?
7. Try the same thing again but use line 3 on your precedence phone. Does it work now? Why?


Private Line Automatic Ring-down

• Issue: I have a line that I want to dial a specific number when it is taken off hook.

• Solution: PLAR!
• Utilize:
– Partitions
– Calling Search Space
– Translation Pattern
– Device configuration

A common need for the military tactical system is the ability to have a phone that is dedicated for use as an immediate dial phone. This is the most stringent form of call control as it does not allow the dialing of any digits at all; as soon as the phone goes off hook, it begins the ringdown phase. An example of this would be a military guard point where the only requirement for the phone is for it to be able to call back to the Sergeant of the Guard.

Steps:

1. Remove all previous partitions and calling search spaces from all devices.
2. Create Partition (example: GuardShack).
3. Create Calling Search Space and add Partition (example: HOTLINE).
4. Route Plan > Translation Pattern > Add a New Translation Pattern.
5. Apply the partition you created and set the destination phone directory number in the field “Called party Transform Mask”.
6. On Device > Phone, select phone.
7. Set phone Calling Search Space.


Quality of Service (QoS)


Voice Call Quality

Telephone users notice the quality of their phone calls. Three primary characteristics of Voice over IP phone calls affect the user’s perception of voice call quality:

• Packet loss greater than 1% — this means .02 seconds of sound from the person talking is missing every 2 seconds.

• Jitter — the network has variable delay causing the packets to arrive at varying intervals of time exceeding 30ms. Jitter indicates information about incoming packets not outgoing. That means jitter indicates the quality of the incoming voice not the quality of the outgoing voice.

• Fixed delay greater than 150ms (milliseconds) — remember that conversations are two way. Delay is the time from when one person stops talking and starts hearing the other person.

Voice uses UDP; the packet has only one chance to get from the source to the destination. If data is using TCP, packets will be resent if they are dropped, ensuring data gets through completely. Even if data is sent using UDP, the receiving system may have another way of detecting missing packets and requesting the missing data to be resent.

Propagation delay is the time required for a signal or a bit to travel the length of the medium (cable, fiber, air, etc.).

length of the medium / speed of 1 bit through the medium = propagation delay


Examples:

Voice and Data Packets over UTP CAT-5 Cable
• 10 meters / 2.1 * 10^8 = 0.0004 ms
• 1000 km / 2.1 * 10^8 = 4.8 ms

Voice and Data Packets over Satellite
• 35,786 kilometers / 3.0 * 10^8 = .12 sec or about 0.25 sec round trip

Serialization delay is the time required to put a packet out of the interface and on to the medium.

Bits in a packet / link speed = serialization delay

Voice Packets
• Assume G711 CODEC 160 bytes every 20 ms = 50 pps (packets per second)
• 160 bytes = 1280 bits
• Serialization delay for 1 packet: 1280 bits / 100 Mbps = 0.00001280 seconds = 0.0128 ms (milliseconds)

Data Packets
• 1500 byte MTU
• 1500 bytes = 12000 bits
• Serialization delay for 1 packet: 12000 bits / 100 Mbps = 0.00012 seconds = 0.12 ms (milliseconds)


VLAN 58 Link Utilization

[Figure: VLAN 58; Voice Packet = 160 bytes]

VLAN 58 has a link speed of 100 Mbps.
8 phone conversations * 90 Kbps (G.711) = 720 Kbps
720 Kbps / 100 Mbps = 0.72% link utilization


VLAN 59 Link Utilization

[Figure: VLAN 59; Data Packet = 1500 bytes]

For VLAN 59 above, each PC is 100Mbps capable. VLAN 59 has a bandwidth of 100Mbps. So, there is the potential for over subscription.

VLAN 59 has a link speed of 100 Mbps.
8 computer connections * 100 Mbps = 800 Mbps
800 Mbps / 100 Mbps = 800% link utilization

This is referred to as “over subscription of a link”. One way of handling over subscription is First In First Out (FIFO) Queuing.

Over Subscription of a Link: Recall that connections between networks are also called links. Routers can receive packets from a variety of sources simultaneously. Over subscription occurs when more packets are trying to use the link than the link can handle.


First In First Out (FIFO)

• The outgoing interface puts packets in its queue in the order the packets arrive.

[Figure: VLAN 58 (Voice Packet = 160 bytes) and VLAN 59 (Data Packet = 1500 bytes) feeding FastEthernet 0/0; Queue Depth 16 Packets]

VLAN 58 and 59 both have packets destined for networks out F0/0. F0/0 is going to send the packets out based on which packet arrives first; this is referred to as First In First Out (FIFO). This will cause Voice and Data packets to be intermingled on the transmission medium.


Queuing Delay

[Figure: VLAN 58 (Voice Packet = 160 bytes) and VLAN 59 (Data Packet = 1500 bytes); Queue Depth 16 Packets]

The outgoing interface has a buffer where it stores packets; this buffer is called a Queue. The interface sends the packets out in the order they are received. The time elapsed from when a packet enters the buffer until it exits the interface is Queuing Delay.


Jitter

[Figure: VLAN 58 (Voice Packet = 160 bytes) and VLAN 59 (Data Packet = 1500 bytes); Queue Depth 16 Packets; data packet in between voice packets]

Notice the intermixing of the smaller voice packets with the larger data packets. The number of data packets between voice packets causes the delay for voice packets to vary. This varying delay is noticeable to the human ear if it exceeds about 30 ms; IP Phones include a jitter buffer to smooth out the delay.


Traffic Shaping

The command “traffic-shape rate <value in bits per second>” on an interface can be used to restrict bandwidth and is verified by using the command “sh traffic-shape statistics” as shown below.

[Figure: router connected using 100Mbps Ethernet; bandwidth limited to 300k using the traffic-shape command]

BCP_66053_STR2# sh traffic-shape statistics
        Acc.   Queue   Packets   Bytes      Packets   Bytes      Shaping
I/F     List   Depth                        Delayed   Delayed    Active
Fa0/0          0       185856    48863337   22430     11120760   no

Note: Do not use the Traffic Shaping Command on a Live Network

There exist situations in networking when it is desirable to send traffic out an interface slower than the actual link speed capability. The transmission rate on an interface can be controlled with the command:

Router# config t
Router(config)# int fa0/0
Router(config-if)# traffic-shape rate <value in bits per second>

Example: traffic-shape rate 1000000 will cause the interface to send traffic out at 1Mbps.

The effects of traffic shaping can be displayed with the command:

Router# show traffic-shape statistics


(FIFO) Queue Performance Lab

1. Setup Windows Task Manager to view the PC network connection performance graphically.

2. Use router command line commands to view network performance.

3. Use NetMeeting to generate data traffic.

4. Use phones to generate voice traffic.

5. Review Phone statistics.

Note: Ensure that the Device Pool on all Inter-Cluster Trunks is set to default.


Task Manager Setup

Setup Task Manager to Monitor the Network
1. Open Windows Task Manager by pressing CTRL+SHIFT+ESC.
2. Click on the Networking Tab.
3. Set the graph to show Bytes Sent, Bytes Received, and Bytes Total.
4. Menu | View | Network Adapter History, Check all three.

Set Traffic Shaping on Interface FA0/0 to 100Mbps
Use the “traffic-shape rate” command to set the FA0/0 traffic to 100Mbps. Traffic shaping will be done to 100Mbps. This is only for the lab so that traffic-shaping statistics can be examined. Since 100Mbps is the default interface rate, traffic shaping would not normally be done like this.

1. On the router:
conf t
interface fa0/0
traffic-shape rate 100000000
end


Use Phones to Generate Voice (4-Calls) Traffic

NOTE: Please refer to the Reference Chapter for info on how to use Net Meeting

Setup Voice Traffic
1. Using an IP Phone place one phone call between 2 locations. One station places the call using speakerphone.
2. Press the mute button.
3. The receiving station answers the call with speakerphone.
4. Press the mute button.
5. Using the other IP Phone place one phone call between 2 locations. One station places the call using speakerphone.
6. Press the mute button.
7. The receiving station answers the call with speakerphone.
8. Press the mute button.
9. Using the analog phone connected to the ATA place one phone call between 2 locations.
10. Using the other analog phone connected to the ATA place another phone call between 2 locations.

Use NetMeeting to Generate Data Traffic
1. On each router:
clear counters fastEthernet 0/0
2. Open NetMeeting – Click the Icon on the Taskbar.
• Establish meetings in groups.
• (Hint: Place NetMeeting Call to IP Address of each station’s PC)

NetMeeting File Transfer
1. Use an IP Phone handset to coordinate with the other station.
2. Press CTRL+F for File Transfer.
3. Each station selects the 1MB file for transfer.
4. Each station sends the file.
5. Each station accepts the file transfer.
6. Talk to each other on the phone and evaluate the quality of the call.
7. Time the transfer and observe the bandwidth usage graph and percentages.
8. Record the approximate time for the transfer and percentage of bandwidth used.
Time: _____________ Bandwidth: _____________
9. On each router display and record the traffic shaping statistics using the command “show traffic-shape statistics”.

Queue Depth    Packets    Bytes    Packets Delayed    Bytes Delayed    Shaping Active


View and Record the Call Statistics for the 2 IP Phones at Each Station.

Activate Call Statistics on the 7960 by pressing “??”

1. Record the call statistics for the 1st call.

RxCnt     TxCnt
AvgJtr    MaxJtr
RxDisc    RxLost

2. Record the call statistics for the 2nd call.

RxCnt     TxCnt
AvgJtr    MaxJtr
RxDisc    RxLost

Disconnect All Calls.

Q: During the file transfer, did the quality of the voice appear to change to you?
________________________________________________________________
________________________________________________________________

Q: Did the Call Statistics indicate a change in voice quality?
________________________________________________________________
________________________________________________________________


Data & Voice Sharing Bandwidth

• TCP Windowing
– Congestion Window (CWND)
• TCP Packet Size
– MTU
– Header
• UDP Packet Size
– Header
• Voice Packet
– Size
– Quantity per second

On 100Mbps networks voice and data can share the bandwidth with no negative effects on voice quality most of the time. In fact, the negative effects on voice may occur so seldom that the problem is not noticed. When voice and data are sharing bandwidth, voice packets can be delayed or lost completely. Data using TCP can be delayed. Data using UDP can be delayed or lost. To understand this, several things must be recognized and considered.

TCP Windowing and Congestion Window (CWND): Reacts to network congestion by slowing down TCP traffic.

TCP Packet Size: TCP packets have a minimum header size and a minimum packet size of 64 bytes. The maximum packet size is set by the Maximum Transmission Unit (MTU). For Ethernet the MTU is up to 1500 bytes. 1500 bytes is the typical value.

UDP Packets: UDP packets have a header of 8 bytes.

Voice Packet: Voice packets are 160 bytes, typically sent at 50 packets per second.


Traffic and Reduced Bandwidth

[Figure: 100Mbps connections feeding a 300k connection]

Oversubscription of a link can easily result when traffic from high bandwidth links is routed or switched to lower bandwidth links. If the traffic is a combination of voice and data packets oversubscription of the link will diminish the quality of the voice calls without QoS management.
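An added simulation (not from the course material) of the FIFO interface described above: one voice stream of 160-byte packets every 20 ms shares a 16-packet queue with constructed bursts of three 1500-byte data packets, first at 100 Mbps and then shaped to 300 kbps. Packet headers are ignored, and the burst pattern and function names are assumptions of this example.

```python
from collections import deque

VOICE_BYTES = 160        # the page's figure for a G.711 voice packet
DATA_BYTES = 1500        # the page's figure for a full-MTU data packet
VOICE_INTERVAL = 0.020   # one voice packet every 20 ms (50 pps)
QUEUE_DEPTH = 16         # packets, as drawn on the FIFO slides


def build_arrivals(duration=1.0, burst_size=3, burst_period=0.200,
                   burst_offset=0.005):
    """Constructed traffic: one voice stream plus periodic data bursts."""
    arrivals = []
    for i in range(int(round(duration / VOICE_INTERVAL))):
        arrivals.append((i * VOICE_INTERVAL, "voice", VOICE_BYTES))
    t = burst_offset
    while t < duration:
        arrivals.extend((t, "data", DATA_BYTES) for _ in range(burst_size))
        t += burst_period
    arrivals.sort(key=lambda a: a[0])   # FIFO: strictly by arrival time
    return arrivals


def simulate_fifo(arrivals, link_bps, queue_depth=QUEUE_DEPTH):
    """Return (per-voice-packet delay in seconds, number of tail drops)."""
    in_system = deque()   # departure times of packets queued or being sent
    link_free_at = 0.0
    voice_delays = []
    dropped = 0
    for arrive, kind, size in arrivals:
        while in_system and in_system[0] <= arrive:
            in_system.popleft()              # already left the interface
        if len(in_system) >= queue_depth:
            dropped += 1                     # queue full: tail drop
            continue
        start = max(arrive, link_free_at)    # wait behind earlier packets
        depart = start + size * 8 / link_bps  # plus serialization delay
        link_free_at = depart
        in_system.append(depart)
        if kind == "voice":
            voice_delays.append(depart - arrive)
    return voice_delays, dropped


def voice_report(link_bps):
    """Worst delay and worst packet-to-packet delay change for the voice call."""
    delays, dropped = simulate_fifo(build_arrivals(), link_bps)
    jitter = max(abs(b - a) for a, b in zip(delays, delays[1:]))
    return {"max_delay": max(delays), "max_jitter": jitter, "dropped": dropped}


if __name__ == "__main__":
    for rate in (100_000_000, 300_000):
        r = voice_report(rate)
        print(f"{rate:>11} bps  max delay {r['max_delay'] * 1000:8.3f} ms  "
              f"max jitter {r['max_jitter'] * 1000:8.3f} ms  "
              f"dropped {r['dropped']}")
```

At 100 Mbps the voice packets never wait behind data, while at 300 kbps each 1500-byte packet takes 40 ms to serialize, so a voice packet that arrives behind a burst is delayed by about 109 ms and the delay change between consecutive voice packets reaches 105 ms, well past the 30 ms figure given for jitter.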


Over Subscription Lab 1

1. Set the bandwidth on F0/0 to 300Kbps using the traffic-shape command.

2. Transfer the file using Net Meeting and record the results.

3. Place one call and transfer the file again using Net Meeting and record the results.


Set Traffic Shaping on Interface FA0/0 to 300Kbps
Use the “traffic-shape rate” command to set the FA0/0 traffic to 300K. This will cause VLAN 58 and 59, which are 100Mbps capable, to share a reduced bandwidth at FastEthernet 0/0.

1. On the router:
conf t
interface fa0/0
traffic-shape rate 300000
end

Use NetMeeting to Generate Data Traffic
1. On each router:
clear counters fastEthernet 0/0
2. Open NetMeeting – Click the Icon on the Taskbar.
• Establish meetings in groups.
• (Hint: Place NetMeeting Call to IP Address of each station’s PC).

NetMeeting File Transfer
1. Press CTRL+F for File Transfer.
2. Each station selects the 1MB file for transfer.
3. Each station sends the file.
4. Each station accepts the file transfer.
5. Time the transfer and observe the bandwidth usage graph and percentages.
6. Record the approximate time for the transfer and percentage of bandwidth used.
Time: _____________ Bandwidth: _____________
7. On each router display and record the traffic shaping statistics using the command “show traffic-shape statistics”.

Queue Depth    Packets    Bytes    Packets Delayed    Bytes Delayed    Shaping Active


Effects of Voice (1 call) and Data Sharing Bandwidth

Setup Voice Traffic
1. Using an IP Phone place one phone call between 2 locations. One station places the call using speakerphone.
2. Press the mute button.
3. The receiving station answers the call with speakerphone.
4. Press the mute button.
5. After one minute activate Call Statistics on the 7960 by pressing “??”.
6. Record call statistics.

RxCnt     TxCnt
AvgJtr    MaxJtr
RxDisc    RxLost

NetMeeting File Transfer
1. Use the IP Phone handset to coordinate with the other station.
2. Press CTRL+F for File Transfer.
3. Each station selects the 1MB file for transfer.
4. Each station sends the file.
5. Each station accepts the file transfer.
6. Talk to each other on the phone and evaluate the quality of the call.
7. Time the transfer and observe the bandwidth usage graph and percentages.
8. Record the approximate time for the transfer and percentage of bandwidth used.
Time: _____________ Bandwidth: _____________
9. On each router display and record the traffic shaping statistics using the command “show traffic-shape statistics”.

Queue Depth    Packets    Bytes    Packets Delayed    Bytes Delayed    Shaping Active


10. Activate Call Statistics on the 7960 by pressing “??”.
11. Record call statistics.

RxCnt     TxCnt
AvgJtr    MaxJtr
RxDisc    RxLost

12. On each router display and record the traffic shaping statistics using the command “show traffic-shape statistics”.

Queue Depth    Packets    Bytes    Packets Delayed    Bytes Delayed    Shaping Active

Disconnect the call.


Over Subscription Lab 2

The following lab will demonstrate how voice packets will monopolize the bandwidth if possible:

1. Setup two voice calls between stations and record the results.

2. Transfer the file using Net Meeting and record results.

3. Repeat the above steps using three voice calls between stations and record results.


Demonstrate How Voice Packets Will Monopolize the Bandwidth If Possible

Two Phone Calls 300Kbps Traffic Shaped, Shared with Data

Setup Voice Traffic
1. Using an IP Phone place one phone call between 2 locations. One station places the call using speakerphone.
2. Press the mute button.
3. The receiving station answers the call with speakerphone.
4. Press the mute button.
5. Using the other IP Phones place one phone call between 2 locations. One station places the call using speakerphone.
6. Press the mute button.
7. The receiving station answers the call with speakerphone.
8. Press the mute button.

(NOTE: VAD is disabled, so this will maintain normal voice packet flow.)

9. Activate Call Statistics on the 7960 by pressing “??”.
10. After one minute:
11. Record the call statistics for the 1st call.

RxCnt TxCnt

AvgJtr MaxJtr

RxDisc RxLost

12. Record the call statistics for the 2nd call.

RxCnt TxCnt

AvgJtr MaxJtr

Use NetMeeting to Generate Data Traffic
1. On each router:
   clear counters fastEthernet 0/0
2. Open NetMeeting – Click the Icon on the Taskbar.
   • Establish meetings in groups.
   • (Hint: Place a NetMeeting call to the IP address of each station's PC.)

NetMeeting File Transfer
1. Press CTL+F for File Transfer.
2. Each station selects the 1MB file for transfer.
3. Each station sends the file.
4. Each station accepts the file transfer.
5. Time the transfer and observe the bandwidth usage graph and percentages.


6. During the file transfer:
   a. On each router display and record the traffic shaping statistics using the command “show traffic-shape statistics”.

Queue Depth

Packets Bytes Packets Delayed

Bytes Delayed

Shaping Active

7. Record the approximate time for the transfer and percentage of bandwidth used. Time: _____________ Bandwidth: _____________

8. After file transfer ends:
   a. On each router display and record the traffic shaping statistics using the command “show traffic-shape statistics”.

Queue Depth

Packets Bytes Packets Delayed

Bytes Delayed

Shaping Active

9. Activate Call Statistics on the 7960s by pressing “??”.
10. Record the call statistics for the 1st call.

RxCnt TxCnt

AvgJtr MaxJtr

RxDisc RxLost

11. Record the call statistics for the 2nd call.

RxCnt TxCnt

AvgJtr MaxJtr

RxDisc RxLost

Disconnect the calls.


Three Phone Calls 300Kbps Traffic Shaped, Shared with Data

Setup Voice Traffic
1. Using an IP Phone place one phone call between 2 locations. One station places the call using speakerphone.
2. Press the mute button.
3. The receiving station answers the call with speakerphone.
4. Press the mute button.
5. Using the other IP Phone place one phone call between 2 locations. One station places the call using speakerphone.
6. Press the mute button.
7. The receiving station answers the call with speakerphone.
8. Press the mute button.
9. Using an analog phone connected to the ATA place one phone call between 2 locations.

10. Activate Call Statistics on the 7960s by pressing “??”.
11. After one minute record the call statistics for the 1st call.

RxCnt TxCnt

AvgJtr MaxJtr

RxDisc RxLost

12. Record the call statistics for the 2nd call.

RxCnt TxCnt

AvgJtr MaxJtr

RxDisc RxLost

Q: Talk on the phones, what do you think of the call quality?
________________________________________________________________
________________________________________________________________

Q: Did the Call Statistics indicate a change in voice quality?
________________________________________________________________
________________________________________________________________
________________________________________________________________

13. On each router display and record the traffic shaping statistics using the command “show traffic-shape statistics”.

Queue Depth

Packets Bytes Packets Delayed

Bytes Delayed

Shaping Active


Use NetMeeting to Generate Data Traffic
1. On each router:
   clear counters fastEthernet 0/0
2. Open NetMeeting – Click the Icon on the Taskbar.

NetMeeting File Transfer
1. Press CTL+F for File Transfer.
2. Each station selects the 1MB file for transfer.
3. Each station sends the file.
4. Each station accepts the file transfer.
5.
6. Time the transfer and observe the bandwidth usage graph and percentages.
7. During file transfer:
   a. On each router display and record the traffic shaping statistics using the command “show traffic-shape statistics”.

Queue Depth

Packets Bytes Packets Delayed

Bytes Delayed

Shaping Active

8. Record the approximate time for the transfer and percentage of bandwidth used. Time: _____________ Bandwidth: _____________

9. After file transfer ends:
   b. On each router display and record the traffic shaping statistics using the command “show traffic-shape statistics”.

Queue Depth

Packets Bytes Packets Delayed

Bytes Delayed

Shaping Active

10. Activate Call Statistics on the 7960s by pressing “??”.
11. Record the call statistics for the 1st call.

RxCnt TxCnt

AvgJtr MaxJtr

RxDisc RxLost

12. Record the call statistics for the 2nd call.

RxCnt TxCnt

AvgJtr MaxJtr

RxDisc RxLost

Disconnect the calls.


Quality of Service

• Voice and data are interfering with each other's functionality.

• How can the network be told how to prioritize traffic to our standards?

• Rules need to be applied.

• Overall, implementing these rules is configuring Quality of Service (QoS).

Voice and Data packets are fighting each other over the limited bandwidth available. QoS can be used to put in place a set of rules to prioritize Voice or Data traffic based on the requirements of your network.


Path to Establishing QoS

• Traffic Analysis
  – What types of traffic are running on the network.
  – How much bandwidth is used by each type of traffic.
• Traffic Classification
  – How important is each type of traffic.
  – Group traffic with equal importance together.
• Priority / Policy for Traffic Classes
  – How should the different groups of traffic be handled (priority, bandwidth).
• Translate the Classifications to the Router
  – Use class-maps to group the traffic.
  – Define characteristics used to recognize the traffic.
• Translate the Priority / Policy to the Router
  – Enter policy-maps defining priority and bandwidths to be allocated to the traffic classes.

To properly implement QoS, a lot of planning is required. The first step is to figure out what types of traffic you have on your network. When that is complete, you have to figure out which traffic is more important than others and group it accordingly. The next step is creating policy classes where you tell the router how to handle the groups you created, e.g. give Voice traffic 30% of the bandwidth. The final step is to assign the policies to interfaces.


Traffic Analysis

[Figure labels: TCP, UDP, RTP, LSA, STP?, SMTP, HTML]

Before QoS can be implemented, the different types of traffic on your network have to be identified. Types of traffic include but are not limited to Voice, Video, email, web browsing, routing protocols, network management, databases, etc. Traffic flow patterns by time of day and / or events also have to be considered. Shift change is a time and an event, lunch is a time and an event, command VTC is an event, etc. There are Network Management tools available for traffic analysis. Cisco routers also include NetFlow parameters that can be configured and used for traffic analysis.

The lab network traffic includes:

• RTP -- Phone Calls
• NetMeeting
• Files (sent using NetMeeting)
• OSPF Routing
• RTCP
• Etc – a whole lot of other stuff that we may not know about


Traffic Classification

• NetMeeting
• RTP -- Phone Calls
• Files (sent using NetMeeting)
• OSPF Routing
• RTCP
• etc

Classify the various traffic flows on the network into Voice and Data groups

• Data
  – NetMeeting
  – Files (sent using NetMeeting)
  – OSPF Routing
  – Etc
• Voice
  – RTP
  – RTCP

Once you figure out what kinds of traffic are on your network, you can then place like traffic into groups. We will be using two groups: Data and Voice.


Priority for Traffic Classes

• Write a plan describing how different classes of traffic are to be handled.
  – Situation
  – Priority
  – How much traffic
  – Etc

Situation: The WAN link has a limited bandwidth of 300 Kbps. We know that VLAN 58 provides voice and data traffic at up to 100 Mbps and that VLAN 59 provides data traffic at up to 100 Mbps. Enough bandwidth must be available for one phone call over the WAN link at a time at all times. There is no provision made to prevent more than one phone call over the WAN at a time, so if multiple phone calls share the bandwidth the call quality will degrade for all calls. The remaining bandwidth must be available for data at all times.


Differentiated Services Model

• Also known as DiffServ.
• Provides “6” bits in the IP header to group traffic.
• These groups are referred to as DSCPs (Differentiated Services Code Points).

PHB                          DSCPs
Best effort (BE)             DSCP BE (default)
Class selector (CS)          CS1, CS2, CS3, CS4, CS5, CS6, CS7
Assured forwarding (AF)      AF11, AF12, AF13, AF21, AF22, AF23, AF31, AF32, AF33, AF41, AF42, AF43
Expedited forwarding (EF)    EF

Once traffic classifications are established packets must be identified to the network based on some criteria the router can identify such as:

• Source address
• Destination address
• Type of traffic

Identifying network traffic for QoS purposes is called Marking. Hardware and software mark packets that they originate. For the lab network default marking will be used. Phones and ATA-188s mark their packets using the Differentiated Services Model, specifically the code EF.
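The marking described above, as an added example that is not part of the course material: it reads the 6-bit DSCP from an IPv4 header, names the code point, and sorts the packet into the VOICE or NOT_VOICE class this chapter matches on. Because default marking accepts whatever the sender sets, it also flags EF packets from outside the voice subnet; the 148.30.1.0/28 subnet (the VLAN 58 appendix example) and the sample headers are assumptions constructed for illustration.

```python
import ipaddress
import struct

# Code points from the DiffServ table: BE, CS1-CS7, AF11-AF43 and EF.
DSCP_NAMES = {0: "BE", 46: "EF"}
DSCP_NAMES.update({8 * n: f"CS{n}" for n in range(1, 8)})
DSCP_NAMES.update({8 * c + 2 * d: f"AF{c}{d}"
                   for c in range(1, 5) for d in range(1, 4)})

# Assumption: phones and ATAs sit in the voice VLAN subnet used in the
# appendix example (VLAN 58, 148.30.1.0/28). Adjust for a real network.
VOICE_SUBNET = ipaddress.ip_network("148.30.1.0/28")

IPV4_FIXED = struct.Struct("!BBHHHBBH4s4s")  # 20-byte fixed IPv4 header


def parse_ipv4(header: bytes) -> dict:
    """Extract DSCP, ECN, protocol and addresses from a raw IPv4 header."""
    if len(header) < IPV4_FIXED.size:
        raise ValueError("IPv4 header is at least 20 bytes")
    (ver_ihl, tos, _length, _ident, _frag, _ttl,
     proto, _checksum, src, dst) = IPV4_FIXED.unpack(header[:IPV4_FIXED.size])
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 header")
    return {
        "dscp": tos >> 2,   # upper 6 bits of the old ToS byte
        "ecn": tos & 0x03,  # lower 2 bits are ECN, not part of DSCP
        "proto": proto,
        "src": ipaddress.ip_address(src),
        "dst": ipaddress.ip_address(dst),
    }


def phb_name(dscp: int) -> str:
    """Name a DSCP value using the table's code points."""
    return DSCP_NAMES.get(dscp, f"unassigned({dscp})")


def classify(dscp: int) -> str:
    """Same split as 'match dscp ef' versus 'match not dscp ef'."""
    return "VOICE" if dscp == 46 else "NOT_VOICE"


def audit(header: bytes, voice_subnet=VOICE_SUBNET) -> dict:
    """Classify one packet and flag EF markings from non-voice sources."""
    pkt = parse_ipv4(header)
    traffic_class = classify(pkt["dscp"])
    # EF is expected only from phones and ATAs; an EF packet from any
    # other source would share the voice priority bandwidth.
    untrusted = traffic_class == "VOICE" and pkt["src"] not in voice_subnet
    return {
        "src": str(pkt["src"]),
        "phb": phb_name(pkt["dscp"]),
        "class": traffic_class,
        "untrusted_ef": untrusted,
    }


def build_header(src: str, dst: str, dscp: int, proto: int = 17) -> bytes:
    """Build a constructed 20-byte header (checksum left at 0)."""
    return IPV4_FIXED.pack(0x45, dscp << 2, 20, 0, 0, 64, proto, 0,
                           ipaddress.ip_address(src).packed,
                           ipaddress.ip_address(dst).packed)


# Constructed sample traffic, not captured from the lab network.
SAMPLE_HEADERS = [
    build_header("148.30.1.5", "148.30.2.5", 46),       # phone, RTP, EF
    build_header("148.30.1.20", "148.30.2.20", 0, 6),   # PC file transfer
    build_header("148.30.1.17", "224.0.0.5", 48, 89),   # OSPF hello, CS6
    build_header("148.30.1.21", "148.30.2.21", 46),     # PC marking EF
]


def audit_all(headers) -> list:
    return [audit(h) for h in headers]


if __name__ == "__main__":
    for row in audit_all(SAMPLE_HEADERS):
        print(row)
```

On a router, the matching control is to re-mark or police EF at the access edge so that only the voice VLAN is trusted to set it.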


Low-Latency Queuing (LLQ)

[Figure labels: 100Mbps connections; 300k connection]

By implementing LLQ you can prioritize traffic across an interface. We can reserve a certain amount or a percentage of bandwidth to be used by voice packets only (RTP).

Current best practice QoS for networks on which voice, video and data must co-exist is Low-Latency Queuing (LLQ). LLQ enables allocating specific bandwidth or a percent of bandwidth for specific traffic, i.e. priority traffic. It also enables the network to manage the remainder of the traffic without interfering with priority traffic or vice versa. LLQ utilizes Modular QoS Command-Line (MQC) to implement QoS on Cisco routers.


Modular QoS Command-Line

config t
class-map match-all VOICE
 match dscp ef
 exit

class-map match-all NOT_VOICE
 match not dscp ef
 match any
 exit

policy-map TO_TDMA
 class VOICE
  priority percent 33
 class NOT_VOICE
  priority percent 57
 class class-default
  fair-queue
 exit

int f0/0
 bandwidth 300
 max-reserved-bandwidth 90
 service-policy output TO_TDMA
 exit

Class-Map: Commands used to map traffic to a common group (class).
Policy-Map: Commands used to define policies to be applied to a specific group (class) of traffic or groups (classes) of traffic.
Service-Policy: Command used to assign a policy map to an interface. One Service-Policy may be applied to more than one interface.


LLQ Lab

1. Enable LLQ on the Router using the commands on the previous slide.

2. Place one phone call and record results after one minute.

3. With the phone call still active transfer the file using Net Meeting, record the results.

4. Place two phone calls between stations and transfer the file using Net Meeting, record the results.

5. Place three phone calls and transfer the file using Net Meeting, record the results.


Evaluate LLQ with 100Kbps priority for voice.
1. Using an IP Phone place one phone call between 2 locations. One station places the call using speakerphone.
2. Press the mute button.
3. The receiving station answers the call with speakerphone.
4. Press the mute button.
5. After one minute.
6. Activate Call Statistics on the 7960 by pressing “??”.
7. Record call statistics for call.

RxCnt TxCnt

AvgJtr MaxJtr

RxDisc RxLost

NetMeeting file transfer
1. Use an IP Phone handset to coordinate with the other station.
2. Press CTL+F for File Transfer.
3. Each station selects the 1MB file for transfer.
4. Each station sends the file.
5. Each station accepts the file transfer.
6. Talk to each other on the phone and evaluate the quality of the call.
7. Time the transfer and observe the bandwidth usage graph and percentages.
8. Record the approximate time for the transfer and percentage of bandwidth used.
   Time: _____________ Bandwidth: _____________

9. On each router display and record the traffic shaping statistics using the command “show traffic-shape statistics”.

Queue Depth

Packets Bytes Packets Delayed

Bytes Delayed

Shaping Active

10. Activate Call Statistics on the 7960 by pressing “??”.
11. Record the call statistics for the call.

RxCnt TxCnt

AvgJtr MaxJtr

RxDisc RxLost

12. On each router display and record the QoS policy results using the command “show policy-map int fa0/0”.


Parameter    Value

Service-policy output: TO_TDMA

Class-map: VOICE (match-all)
  Packets
  Bytes
  5 minute offered rate
  drop rate
  Match:
  Queueing
  Output Queue: Conversation
  Bandwidth
  Bandwidth
  Burst
  pkts matched
  bytes matched
  total drops
  bytes drops

Class-map: NOT_VOICE (match-all)
  Packets
  Bytes
  5 minute offered rate
  drop rate
  Match:
  Match:
  Queueing
  Output Queue: Conversation
  Bandwidth
  Bandwidth
  Burst
  pkts matched
  bytes matched
  total drops
  bytes drops

Class-map: class-default (match-any)
  Packets
  Bytes
  5 minute offered rate
  drop rate
  Match:


13. On each router display and record the traffic shaping statistics using the command “show traffic-shape statistics”.

Queue Depth

Packets Bytes Packets Delayed

Bytes Delayed

Shaping Active

14. Disconnect the call.


Verify LLQ will not give more than 100Kbps to voice if data is competing for bandwidth, causing multiple calls to degrade.

1. Using 2 IP Phones at each station place two phone calls between 2 locations. One station places the calls using speakerphone.
2. Press the mute button.
3. The receiving station answers the calls with speakerphone.
4. Press the mute button.
   (NOTE: VAD is disabled, so this will maintain normal voice packet flow.)
5. After one minute activate Call Statistics on the 7960 by pressing “??”.
6. Record call statistics for the 1st call.

RxCnt TxCnt

AvgJtr MaxJtr

RxDisc RxLost

7. Record call statistics for the 2nd call.

RxCnt TxCnt

AvgJtr MaxJtr

RxDisc RxLost

8. NetMeeting file transfer.
9. Each PC selects the 1MB file for transfer.
10. On each router:
    clear counters fastEthernet 0/0
11. Each PC sends the file.
12. Each PC accepts the file transfer.
13. Time the transfer and observe the bandwidth usage graph and percentages.
14. Record the approximate time for the transfer and percentage of bandwidth used.
    Time: _____________ Bandwidth: _____________

15. On each router display and record the traffic shaping statistics using the command “show policy-map int fa0/0”.


Parameter    Value

Service-policy output:

Class-map: VOICE (match-all)
  Packets
  Bytes
  5 minute offered rate
  drop rate
  Match:
  Queueing
  Output Queue: Conversation
  Bandwidth
  Bandwidth
  Burst
  pkts matched
  bytes matched
  total drops
  bytes drops

Class-map: NOT_VOICE (match-all)
  Packets
  Bytes
  5 minute offered rate
  drop rate
  Match:
  Match:
  Queueing
  Output Queue: Conversation
  Bandwidth
  Bandwidth
  Burst
  pkts matched
  bytes matched
  total drops
  bytes drops

Class-map: class-default (match-any)
  Packets
  Bytes
  5 minute offered rate
  drop rate
  Match:


16. On each router display and record the traffic shaping statistics using the command “show traffic-shape statistics”.

Queue Depth

Packets Bytes Packets Delayed

Bytes Delayed

Shaping Active

17. Activate Call Statistics on the 7960s by pressing “??”.
18. Record the call statistics for the 1st call.

RxCnt TxCnt

AvgJtr MaxJtr

RxDisc RxLost

19. Record the call statistics for the 2nd call.

RxCnt TxCnt

AvgJtr MaxJtr

RxDisc RxLost

20. Disconnect the calls.


Verify LLQ will give more than 200Kbps to data if no voice is competing for bandwidth.

1. Using 2 IP Phones at each station place two phone calls between 2 locations. One station places the call using speakerphone.
2. Press the mute button.
3. The receiving station answers the call with speakerphone.
4. Press the mute button.
5. (NOTE: VAD is disabled, so this will maintain normal voice packet flow.)
6. Using an analog phone connected to an ATA at each station place two phone calls between 2 locations.
7. After one minute activate Call Statistics on the 7960s by pressing “??”.
8. Record the call statistics for the 1st call.

RxCnt TxCnt

AvgJtr MaxJtr

RxDisc RxLost

9. Record the call statistics for the 2nd call.

RxCnt TxCnt

AvgJtr MaxJtr

RxDisc RxLost

NetMeeting file transfer.
1. Each PC selects the 1MB file for transfer.
2. On each router:
   clear counters fastEthernet 0/0
3. Each PC sends the file.
4. Each PC accepts the file transfer.
5. Time the transfer and observe the bandwidth usage graph and percentages.
6. Record the approximate time for the transfer and percentage of bandwidth used.
   Time: _____________ Bandwidth: _____________

7. After file transfer ends, on each router display and record the traffic shaping statistics using the command “show policy-map int fa0/0”.


Parameter    Value

Service-policy output:

Class-map: VOICE (match-all)
  Packets
  Bytes
  5 minute offered rate
  drop rate
  Match:
  Queueing
  Output Queue: Conversation
  Bandwidth
  Bandwidth
  Burst
  pkts matched
  bytes matched
  total drops
  bytes drops

Class-map: NOT_VOICE (match-all)
  Packets
  Bytes
  5 minute offered rate
  drop rate
  Match:
  Match:
  Queueing
  Output Queue: Conversation
  Bandwidth
  Bandwidth
  Burst
  pkts matched
  bytes matched
  total drops
  bytes drops

Class-map: class-default (match-any)
  Packets
  Bytes
  5 minute offered rate
  drop rate
  Match:


8. Activate Call Statistics on the 7960s by pressing “??”.
9. Record the call statistics for the 1st call.

RxCnt TxCnt

AvgJtr MaxJtr

RxDisc RxLost

10. Record the call statistics for the 2nd call.

RxCnt TxCnt

AvgJtr MaxJtr

RxDisc RxLost

11. Disconnect the calls.


Appendix


List of Acronyms

A
ACS Access Control Server
ADPCM Adaptive Differential PCM
ANI Automatic Number Identification
AMI Alternate Mark Inversion
ARJ Admission Reject
ART Administrative Reporting Tool
ARP Address Resolution Protocol
ARQ Admission Request
ATA Cisco Analog Telephone Adapter
ATM Asynchronous Transfer Mode
ASIC Application Specific Integrated Circuits

B
B8ZS Bipolar with 8-Zeros Substitution
BARS Backup and Restore System
BAT Cisco Bulk Administration Tool
BCT Brigade Combat Team
BGP Border Gateway Protocol
BPDU Bridge protocol data unit
bps Bits per second
BRI Basic Rate Interface

C
CAC Call admission control
CAS Channel Associated Signaling
CAR CDR Analysis and Reporting
CCS Common channel signaling
CDP Cisco Discovery Protocol
CDR Call Detail Record
CCM Cisco Unified Call Manager
CLI Command Line Interface
CELP Code-Excited Linear Predictive
CME Cisco Unified CallManager Express
CMR Call Management Record
CNG Comfort noise generation
CO Central Office
CODEC Coder/Decoder
COR Class of restriction
CoS Class of service
CPN Calling party number
cRTP Compressed Real-Time Transport Protocol
CSU Channel Service Unit
CS-ACELP Conjugate Structure Algebraic CELP
CTL Cisco Certificate Trust List


D

DC Domain Controller
DHCP Dynamic Host Configuration Protocol
DID Direct inward dial
DS0 Digital Signal Level 0
DMZ Demilitarized zone
DN Directory number
DNIS Dialed number identification service
DNS Domain Name System
DoS Denial of service
DOS Disk Operating System
DSP Digital Signal Processor
DSU Data Service Unit
DTMF Dual tone multifrequency

E
E&M Receive and transmit, or ear and mouth
EIGRP Enhanced Interior Gateway Routing Protocol
EM Extension Mobility
ESF Extended Super Frame

F
FCC Federal Communications Commission
FCS Frame Check Sequence
FIFO First-in, first-out
FLP Fast Link Protocol
FR Frame Relay
FXO Foreign Exchange Office
FXS Foreign Exchange Station

G
GUI Graphical user interface

H
HSRP Hot Standby Router Protocol
HTML Hyper Text Markup Language
HTTP Hyper Text Transfer Protocol
Hz Hertz

I
IAS Internet Authentication service
ICMP Internet Control Message Protocol
IIS Microsoft Internet Information Server
ISDN Integrated Services Digital Network
IP Internet Protocol
IPSec IP Security
ISL Inter-Switch Link
ISO International Standards Organization
ITU International Telecommunication Union


J

JNN Joint Network Node

K
kbps Kilobits per second

L
LAN Local area network
LBR Low bit-rate
LCD Liquid crystal display
LDN Listed directory number
LDCELP Low-Delay CELP

M
MAC Media Access Control
MAN Metropolitan area network
Mbps Megabits per second
MCM Multimedia Conference Manager
MCU Multipoint Control Unit
MGCP Media Gateway Control Protocol
MFSK Multi-Frequency Shift Keying
MLPP Multilevel Precedence and Preemption
MoH Music on hold
MPLS Multiprotocol Label Switching
ms Millisecond
MSE Mobile Subscriber Equipment
MTP Media Termination Point

N
NAT Network Address Translation
NIC Network interface card
NPA Numbering Plan Area
NTP Network Time Protocol

O
OSPF Open Shortest Path First

P
PBX Private Branch exchange
PCM Pulse code modulation
PDC Primary Domain Controller
PLAR Private Line Automatic Ringdown
PoE Power over Ethernet
POTS Plain old telephone service
pps Packets per second
PRI Primary Rate Interface
PSTN Public switched telephone network
PVDM Packet Voice DSP Module


Q

QoS Quality of Service

R
RAM Random Access Memory
RAS Registration Admission Status
RF Radio frequency
RFC Request for Comments
RHN Regional Hub Node
RIP Routing Information Protocol
ROM Read Only Memory
RSP Route/Switch Processor
RSTP Rapid Spanning Tree Protocol
RSVP Resource Reservation Protocol
RTMT Cisco Real-Time Monitoring Tool
RTP Real-Time Transport Protocol
RTCP Real-Time Transport Control Protocol
RTT Round-trip time

S
SCCP Skinny Client Control Protocol
SCSI Small Computer System Interface
SDC Secondary Domain Controller
SMDI Simplified Message Desk Interface
SF Super Frame
SIP Session Initiation Protocol
SNMP Simple Network Management
SQL Structured Query Language
SS7 Common Channel Signaling 7
STP Spanning Tree Protocol

T
TCP Transmission Control Protocol
TDM Time-division multiplexing
TFTP Trivial File Transfer Protocol
TRITAC Tri-Service Tactical
TSP Telephony Service Provider
TTL Time to live
TTY Terminal teletype

U
UDP User Datagram Protocol
UPS Uninterrupted power supply
URL Uniform Resource Locator
USB Universal Serial Bus
UTP Unshielded twisted pair

V
VAD Voice activity detection


VLAN Virtual local area network
VTP Virtual Trunking Protocol
VoIP Voice over IP
VoPSTN Voice over the PSTN

W
WAN Wide area network
WWW World Wide Web

X

XML Extensible Markup Language


Switch and Router Command Reference

Available Prompts

Command Mode | Access Method | Prompt | Exit Method
User EXEC | Log In | Switch> | logout
Privileged Exec (enable) | From User Exec type enable | Switch# | disable
Global Configuration (config t) | From Privileged Exec, type configure terminal | Switch(config)# | Exit, end, or CTRL Z
ROM Monitor | Hold mode key while applying power to switch | Switch: | Boot
Setup Mode | From privileged EXEC mode, type setup or automatic if no config found in NVRAM during initialization | Consists of a set of questions with no prompt of its own | Enters user EXEC after setup is complete


Basic Switch Commands

Setting Hostname Example
switch>en
switch#config t
switch (config)#hostname example
switch (config)#ctl Z
switch#

Setting Password Example
switch>en
switch#config t
switch (config)#enable secret abc123
switch (config)#line vty 0 15
switch (config-line)#password abc123
switch (config-line)#login
switch (config-line)#line con 0
switch (config-line)#password abc123
switch (config-line)#login
switch (config-line)#ctl z
switch#

Setting the IP Address Example
switch#config t
switch(config)#int vlan 1
switch(config-if)#ip address 148.43.200.75 255.255.255.240
switch(config-if)#no shutdown
switch(config-if)#ctl z

Setting the Default Gateway Example
switch>en
switch#config t
switch(config)#ip default-gateway 148.43.200.1
switch(config)#ctl Z
switch#

Configuring the Ports Example
switch>en
switch#config t
switch (config)#int fa0/1
switch (config-if)#speed 10
switch (config-if)#duplex half
switch (config-if)#switchport mode access
switch (config-if)#switchport port-security
Switch (config-if)#switchport port-security maximum 1
Switch (config-if)#switchport port-security mac-address 0008.aaaa.bbbb
Switch (config-if)#switchport port-security violation shutdown


Saving & Deleting Configurations Example
switch>en
switch#copy run start
This copies the running configuration to the startup-config file which resides in NVRAM.

switch>en
switch#copy start run
This copies the startup-config file from NVRAM into RAM. This will merge what is presently in your running configuration with what is copied in from the startup-config file.

switch>en
switch#copy run tftp://address/filename
Address or name of remote host [148.43.200.7]?
Destination filename [switch1.bin]?

Saving & Deleting Configurations Example
switch>en
switch#erase start
This erases the startup-config file from NVRAM. At this point it is commonly followed by a reload, which will cause the switch to boot with a default configuration.

switch>en
switch#delete flash:vlan.dat
This deletes the vlan database. The file is recreated as soon as a new vlan is created.

Utilizing both of the above commands, then performing a reload on the switch allows it to be restored to factory values.

Switch VLAN Commands

VLAN Database Example
Switch>en
Switch#vlan database
Switch (vlan)#vlan 100 name test
Switch (vlan)#exit
switch#

VLAN Database Show Commands:
Switch>en
Switch#vlan database
Switch (vlan)# show changes
    Show the changes to the database since modification began (or since reset)
Switch (vlan)# show current
    Show the database installed when modification began
Switch (vlan)# show proposed
    Show the database as it would be modified if applied
switch#


Assign Switch Port to the VLAN Example

    Switch>en
    Switch#config t
    Switch(config)#interface fastethernet0/1
    Switch(config-if)#switchport access vlan 100
    Switch(config-if)#ctl z
    Switch#

Assign Multiple Switchport Range CMD Example

    Switch>en
    Switch#config t
    Switch(config)#interface range fastEthernet 0/1 - 3 , fastEthernet 0/9 - 12
    Switch(config-if-range)#switchport access vlan 100
    Switch(config-if-range)#no shut
    Switch(config-if-range)#ctl z
    Switch#

Trunk Configuration [Manually remove VLANs from a trunk link] Example

    Switch>en
    Switch#config t
    Switch(config)#interface fastEthernet 0/1
    Switch(config-if)#switchport mode trunk
    Switch(config-if)#switchport trunk allowed vlan remove 2-1001
    Switch(config-if)#no shut
    Switch(config-if)#ctl z
    Switch#

VLAN Show Commands

    Switch#show vlan

Displays the parameters for all configured VLANs

    Switch#show vlan id

Displays the parameters for a specified configured VLAN

    Switch#show Interface

Displays the administrative and operational status of all interfaces or a specified interface.

    Switch#show port system

Switching mode can be verified by using the "show port system" command

VTP Configuration Example

    Switch>en
    Switch#config t
    Switch(config)#vtp mode [ server | client | transparent ]
    Switch(config)#vtp domain domain-name
    Switch(config)#vtp password password
    Switch(config)#ctl z
    Switch#


Voice Router Commands

VLAN Sub-Interfaces on Router Fast-Ethernet Port Example

    Router#config t
    Router(config)#interface FastEthernet0/0
    Router(config-if)# description Trunk to Switch
    Router(config-if)# no ip address
    Router(config-if)# interface FastEthernet0/0.1
    Router(config-if)# description VLAN 100
    Router(config-if)# encapsulation dot1Q 100
    Router(config-if)# ip address 148.30.1.1 255.255.255.240
    Router(config-if)# interface FastEthernet0/0.2
    Router(config-if)# description VLAN 200
    Router(config-if)# encapsulation dot1Q 200
    Router(config-if)# ip address 148.30.1.17 255.255.255.240

VLAN Virtual Interfaces on Router Example

    Router#config t
    Router(config)# int vlan 58
    Router(config-int)# description voice VLAN
    Router(config-int)# ip address 148.30.1.1 255.255.255.240
    Router(config-int)# interface VLAN 59
    Router(config-int)# description data VLAN
    Router(config-int)# ip address 148.30.1.17 255.255.255.240
    Router(config-int)# interface VLAN 60
    Router(config-int)# description server VLAN
    Router(config-int)# ip address 148.30.1.33 255.255.255.240

T1 Controller Configuration Example

    Router#configure terminal
    Router(config)#network-clock-participate wic (slot)
    Router(config)#controller t1 0/3/0
    Router(config-controller)#framing esf
    Router(config-controller)#clock source line
    Router(config-controller)#linecode b8zs
    Router(config-controller)#ds0-group 1 timeslots 1-12 type e&m-winkstart dtmf dnis

H.323 T-1 Dial Peers Example

    Router# conf t
    Router(config)# dial-peer voice 20 pots
    Router(config-dial-peer)# destination-pattern .T
    Router(config-dial-peer)# port 0/3/0:1
    Router(config-dial-peer)# direct-inward-dial
    Router(config-dial-peer)# no digit-strip
    Router(config-dial-peer)# preference 1


H.323 FXS POTS Dial Peers Example

    Router# conf t
    Router(config)# dial-peer voice 1 pots
    Router(config-dial-peer)# destination-pattern 6605198
    Router(config-dial-peer)# port 1/0/0
    Router(config-dial-peer)# end

H.323 VoIP Dial Peers CME to CME Example

    Router# conf t
    Router(config)# dial-peer voice 4 voip
    Router(config-dial-peer)# destination-pattern 66071.
    Router(config-dial-peer)# session target ipv4:22.230.64.2
    Router(config-dial-peer)# codec g711ulaw
    Router(config-dial-peer)# no vad
    Router(config-dial-peer)# preference 1

H.323 VoIP Dial Peers CME to CCM Example

    Router# conf t
    Router(config)# dial-peer voice 5 voip
    Router(config-dial-peer)# destination-pattern 6605[0-1] .
    Router(config-dial-peer)# session target ipv4:22.230.76.253
    Router(config-dial-peer)# codec g711ulaw
    Router(config-dial-peer)# no vad
    Router(config-dial-peer)# preference 1

H.323 VoIP Dial Peers CME Router to HUB Example

    Router# conf t
    Router(config)#dial-peer voice 98 voip
    Router(config-dial-peer)#description All other calls go to hub for routing
    Router(config-dial-peer)#preference 1
    Router(config-dial-peer)# destination-pattern .T
    Router(config-dial-peer)# session target ipv4:<HUB CCM Address>
    Router(config-dial-peer)# codec g711ulaw
    Router(config-dial-peer)# no vad

H.323 VoIP Dial Peers NATO Routing CME Router to HUB Example

    Router# conf t
    Router(config)#dial-peer voice 9995 voip
    Router(config-dial-peer)#description All 9YXMYXXXXXXXX calls go to HUB
    Router(config-dial-peer)#destination-pattern 9[0-1].[2-8][0-1] ...
    Router(config-dial-peer)#session target ipv4:148.22.246.29
    Router(config-dial-peer)#codec g711ulaw
    Router(config-dial-peer)#no vad


Ring around the Rosey VoIP Dial Peer Example

    Router# conf t
    Router(config)#dial-peer voice 66052 voip
    Router(config-dial-peer)#description RingAroundtheRosey prevention
    Router(config-dial-peer)#permission none
    Router(config-dial-peer)#huntstop
    Router(config-dial-peer)#destination-pattern 66052..
    Router(config-dial-peer)#session target ipv4:<your own CME_IP address>
    Router(config-dial-peer)#gateway
    Router(config-dial-peer)#timer receive-rtp 12000

Router DHCP Server Example

    Router# config t
    Router(config)# ip dhcp pool VOICE
    Router(dhcp-config)# network 22.230.40.254 255.255.255.192
    Router(dhcp-config)# default-router 22.230.40.254
    Router(dhcp-config)# option 150 ip 22.230.40.254

Show/Clear DHCP Commands

    Router# show ip dhcp binding
    Router# clear ip dhcp binding *

Basic Telephony Service (CME) Commands Example

    Router# config t
    Router(config)# telephony-service
    Router(config-telephony)# load 7960-7940 P0030302014
    Router(config-telephony)# load ata ATA030100SCCP040211A
    Router(config-telephony)# max-ephones 8
    Router(config-telephony)# max-dn 8
    Router(config-telephony)# ip source-address <IP Address> port 2000
    Router(config-telephony)# timeouts interdigit 5
    Router(config-telephony)# max-conferences 4
    Router(config-telephony)# call-forward pattern .T
    Router(config-telephony)# moh music-on-hold.au
    Router(config-telephony)# transfer-system full-consult
    Router(config-telephony)# transfer-pattern .T
    Router(config-telephony)# create cnf-files

Ephone Directory Number Commands Example

    Router# config t
    Router(config)#ephone-dn 1 dual-line
    Router(config-ephone-dn)# number 6605201

    Router# config t
    Router(config)#ephone-dn 2 dual-line
    Router(config-ephone-dn)# number 6605202

    Router# config t
    Router(config)#ephone-dn 4 dual-line
    Router(config-ephone-dn)# number 6605203


Ephone Configuration Commands Example

    Router# config t
    Router(config)# ephone 1
    Router(config-ephone)# mac-address <mac-address>
    Router(config-ephone)#type 7960
    Router(config-ephone)#button 1:1
    Router(config-ephone)#button 2:3

    Router# config t
    Router(config)# ephone 2
    Router(config-ephone)# mac-address <mac-address>
    Router(config-ephone)# type 7960
    Router(config-ephone)# button 1:2
    Router(config-ephone)# button 2:4

    Router# config t
    Router(config)#ephone 3
    Router(config-ephone)# mac-address <mac-address>
    Router(config-ephone)# type ata
    Router(config-ephone)# button 1:5

Ephone Show Commands Example

    Router# sh ephone
    Router# sh ephone summary
    Router# sh telephony-service
    Router# sh telephony-service all
    Router# sh dial-peer voice summary
    Router# sh ephone voice call status

DSP Media Resources for Call-Manager T2 Router (Transcoding) Example

    Router#config t
    Router(config)#voice-card 0
    Router(config-voicecard)#dspfarm
    Router(config-voicecard)#dsp services dspfarm

    Router#config t
    Router(config)#voice-card 1
    Router(config-voicecard)#dspfarm

    Router#config t
    Router(config)# sccp local GigabitEthernet0/0.58 (or Virtual Vlan interface #)
    Router(config)# sccp ccm 22.230.72.253 identifier 1 version 4.1
    Router(config)# sccp

    Router#config t
    Router(config)# dspfarm profile 1 transcode
    Router(config-dspfarm-profile)# codec g729r8
    Router(config-dspfarm-profile)# maximum sessions 40
    Router(config-dspfarm-profile)# associate application sccp
    Router(config-dspfarm-profile)# no shut


    Router#config t
    Router(config)# dspfarm profile 2 mtp
    Router(config-dspfarm-profile)# codec g711ulaw
    Router(config-dspfarm-profile)# maximum sessions software 100
    Router(config-dspfarm-profile)# associate application sccp
    Router(config-dspfarm-profile)# no shut

    Router#config t
    Router(config)# sccp ccm group 1
    Router(config)# associate ccm 1 priority 1
    Router(config)# associate profile 1 register xcode001
    Router(config)# associate profile 2 register mtp001

DSP Media Resources for CME Router (Transcoding) Example

    Router#config t
    Router(config)# voice-card 0
    Router(config)# dspfarm
    Router(config)# dsp services dspfarm

    Router# config t
    Router(config)# sccp local GigabitEthernet0/0.58
    Router(config)# sccp ccm 22.212.204.254 identifier 1
    Router(config)# sccp

    Router# config t
    Router(config)# dspfarm profile 1 transcode
    Router(config-dspfarm-profile)# codec g711ulaw
    Router(config-dspfarm-profile)# codec g711alaw
    Router(config-dspfarm-profile)# codec g729ar8
    Router(config-dspfarm-profile)# codec g729abr8
    Router(config-dspfarm-profile)# codec gsmfr
    Router(config-dspfarm-profile)# codec g729r8
    Router(config-dspfarm-profile)# maximum sessions 12
    Router(config-dspfarm-profile)# associate application SCCP

    Router#config t
    Router(config)# sccp ccm group 1
    Router(config)# associate ccm 1 priority 1
    Router(config)# associate profile 1 register xcd001
    Router(config)# keepalive retries 5

Show Commands

    Router#show voice port
    Router#show voice dsp
    Router#show voice dsp voice
    Router#show voice call status
    Router#show dspfarm all
    Router# sh sccp


Quality of Service Example:

Class-Map: Commands used to map traffic to a common group (class) of traffic.

Policy-Map: Commands used to define policies to be applied to a specific group (class) of traffic or groups (classes) of traffic.

Service-Policy: Command used to assign a policy map to an interface. One Service-Policy may be applied to more than one interface.

The chart below displays traffic groups that are referred to as DSCPs (Differentiated Services Code Points), used to identify specified traffic and the manner in which traffic is handled.

    PHB                          DSCPs
    Best effort (BE)             DSCP BE (default)
    Class selector (CS)          CS1, CS2, CS3, CS4, CS5, CS6, CS7
    Assured forwarding (AF)      AF11, AF12, AF13, AF21, AF22, AF23, AF31, AF32, AF33, AF41, AF42, AF43
    Expedited forwarding (EF)    EF

QoS Class-Map Examples:

    Router# config t
    Router(config)# class-map match-all SIPRVoIP
    Router(config-cmap)# match dscp ef

    Router# config t
    Router(config)# class-map match-all VoiceSig
    Router(config-cmap)# match dscp cs3

    Router# config t
    Router(config)# class-map match-any NetworkControl
    Router(config-cmap)# match dscp cs6

    Router# config t
    Router(config)# class-map match-any TimeSensitive
    Router(config-cmap)# match dscp af21 af22 af23

    Router# config t
    Router(config)# class-map match-any Collaboration
    Router(config-cmap)# match dscp af31 af32 af33


    Router# config t
    Router(config)# class-map match-all ALL_TRAFFIC
    Router(config-cmap)# match any

    Router# config t
    Router(config)# class-map match-all VoiceSigLegacy
    Router(config-cmap)# match dscp af31

    Router# config t
    Router(config)# class-map match-all CriticalServers
    Router(config-cmap)# match access-group name CriticalServers

    Router# config t
    Router(config)# class-map match-all Video
    Router(config-cmap)# match access-group name Video

    Router# config t
    Router(config)# class-map match-all CPOF
    Router(config-cmap)# match access-group name CPOF
    Router(config-cmap)# match not dscp ef

    Router# config t
    Router(config)# class-map match-all SIPRdata
    Router(config-cmap)# match not dscp ef cs3

QoS Service Policy-Map Examples:

    Router# config t
    Router(config)# policy-map SIPRdataRemark
    Router(config-pmap)# class CriticalServers
    Router(config-pmap)# set dscp af21
    Router(config-pmap)# class CPOF
    Router(config-pmap)# set dscp af31
    Router(config-pmap)# class Video
    Router(config-pmap)# set dscp af32
    Router(config-pmap)# class SIPRdata
    Router(config-pmap)# set dscp af23

Remark: Apply this service policy input VLAN6!

    Router# config t
    Router(config)# policy-map VoiceSigRemark
    Router(config-pmap)# class VoiceSigLegacy
    Router(config-pmap)# set dscp cs3

Remark: Apply this service policy input VLAN58!

    Router# config t
    Router(config)# policy-map SerialAggregate
    Router(config-pmap)# class SIPRVoIP
    Router(config-pmap)# priority percent 34
    Router(config-pmap)# class VoiceSig


    Router(config-pmap)# bandwidth percent 3
    Router(config-pmap)# class NetworkControl
    Router(config-pmap)# bandwidth percent 5
    Router(config-pmap)# class TimeSensitive
    Router(config-pmap)# bandwidth percent 35
    Router(config-pmap)# random-detect dscp-based
    Router(config-pmap)# class Collaboration
    Router(config-pmap)# bandwidth percent 20
    Router(config-pmap)# random-detect dscp-based
    Router(config-pmap)# class class-default

Remark: Apply this service policy output to all serial links! Max-reserved-bandwidth 100 needs to be applied to all serial links since we are not leaving 25% for class default!

QoS Service-Policy Applied to Interface Examples:

    Router# config t
    Router(config)# interface GigabitEthernet0/0.6
    Router(config-if)# description Plug and Play VLAN
    Router(config-if)# encapsulation dot1Q 6
    Router(config-if)# ip address 172.28.142.1 255.255.0.0
    Router(config-if)# service-policy input SIPRdataRemark
    Router(config-if)# no shutdown

    Router# config t
    Router(config)# interface GigabitEthernet0/0.58
    Router(config-if)# description Voice VLAN
    Router(config-if)# encapsulation dot1Q 58
    Router(config-if)# ip address 22.212.197.126 255.255.255.128
    Router(config-if)# service-policy input VoiceSigRemark
    Router(config-if)# no shutdown

    Router# config t
    Router(config)# interface Serial0/0/2
    Router(config-if)# description Interface to KIV-19 #5 through CPP A-A11
    Router(config-if)# ip unnumbered Loopback0
    Router(config-if)# ip ospf cost 100

Remark: Adjust the above line for the link type: LOS=100, FDMA=1000, Smart-t=1025, TDMA=1050

    Router(config-if)# bandwidth 1024

Remark: Adjust the above line to the actual link bandwidth in kbps

    Router(config-if)# max-reserved-bandwidth 100
    Router(config-if)# service-policy output SerialAggregate
    Router(config-if)# no shutdown
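The remark about max-reserved-bandwidth can be verified mechanically: the SerialAggregate classes reserve 34 + 3 + 5 + 35 + 20 = 97 percent of the link, which only fits if the interface raises the reservable limit. The script below is an added example, not part of the manual; the function names, the Serial0/0/3 interface and the assumption that an interface without the command is limited to 75 percent (the 25 percent the remark says is normally left over) are introduced here for illustration.

```python
import re

# SerialAggregate and Serial0/0/2 follow the manual's listing; Serial0/0/3 is
# constructed here to show a link that omits max-reserved-bandwidth.
CONFIG = """\
policy-map SerialAggregate
 class SIPRVoIP
  priority percent 34
 class VoiceSig
  bandwidth percent 3
 class NetworkControl
  bandwidth percent 5
 class TimeSensitive
  bandwidth percent 35
 class Collaboration
  bandwidth percent 20
 class class-default
!
interface Serial0/0/2
 max-reserved-bandwidth 100
 service-policy output SerialAggregate
!
interface Serial0/0/3
 service-policy output SerialAggregate
"""

DEFAULT_MAX_RESERVED = 75  # percent; assumed limit when the command is absent

def stanzas(config, keyword):
    """Map name -> indented sub-commands of each top-level '<keyword> <name>'."""
    out = {}
    for m in re.finditer(rf"^{keyword} (\S+)\n((?: .*\n)*)", config, re.M):
        out[m.group(1)] = [c.strip() for c in m.group(2).splitlines()]
    return out

def reserved_percent(policy_body):
    """Sum every 'priority percent N' and 'bandwidth percent N' in a policy."""
    hits = (re.fullmatch(r"(?:priority|bandwidth) percent (\d+)", c) for c in policy_body)
    return sum(int(m.group(1)) for m in hits if m)

def check_reservations(config):
    """Return {interface: (reserved %, allowed %, fits)} for output policies."""
    policies = stanzas(config, "policy-map")
    results = {}
    for ifname, body in stanzas(config, "interface").items():
        text = "\n".join(body)
        limit = re.search(r"^max-reserved-bandwidth (\d+)$", text, re.M)
        policy = re.search(r"^service-policy output (\S+)$", text, re.M)
        if policy:
            allowed = int(limit.group(1)) if limit else DEFAULT_MAX_RESERVED
            need = reserved_percent(policies.get(policy.group(1), []))
            results[ifname] = (need, allowed, need <= allowed)
    return results
```

On the embedded configuration, Serial0/0/2 passes (97 of 100 percent) and the constructed Serial0/0/3 fails (97 of 75 percent).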

