Control Network Arch Job Aid

Avaya Communication Manager 3.0Control Network Architecture

Job Aid

Rick OlmedoCopilot Convergence Engineer- NAR

[email protected](303) 538-5197

1.0 Introduction2.0 Control Network Architecture2.1 Best Practices for Network Design3.0 Main Site Private CNA, CNB with Remote PNs on Public LAN4.0 Multi Site CONCL using merged customer and control network.5.0 Multi Site Critical Reliability using extended private networks6.0 Appendix A: Sample Configurations7.0 References

1.0 Introduction

This job aid provides implementation and installation recommendations for implementing the Control Networks for an S87x0 Media Server series system on customer LAN/WAN.

Prior to Avaya CM 2.0, the S87x0 Media Server series Multi-Connect Control Network was required to be implemented on a private, dedicated network (see figure 1). With the introduction of Avaya Communication Manager 2.0, customers had the option of implementing the Control Network on their existing enterprise LAN infrastructure. It should be noted however, and taken into serious consideration that a private, dedicated Control Network provides the highest level of system reliability and availability. In addition since the system is isolated this interface is less prone to security issues. A non-dedicated network has the potential of being vulnerable to certain attacks, which in turn could impact the entire IP Telephony system.

Avaya CM 2.0 also introduced the S87x0 Media Server series IP-Connect systems in High Reliability configuration (figure 1). In this configuration the Control Network is duplicated, (typically referred to as Control Network A and Control Network B). The same configuration rules as the S87x0 Media Server series Multi-Connect system, apply to the S87x0 Media Server series IP-Connect system, in particular the customer has the option implementing their IP Connect System Control Network on a dedicated, private LAN.

AVAYA - PROPRIETARYrolmedo Page 1 04/09/2023

Figure 1. S8700 IP Connect High Reliability system – Private Control Network

Avaya CM 3.0 now introduced Mixed-PNC along with an optional ESS as a backup strategy. Mixed Port Network Connectivity (M-PNC) allows customers to combine traditional bearer connectivity within a Center Stage Switch (CSS) or ATM-PNC with IP bearer-connected port networks. Customers are able to have some of their port networks remain fiber connected, while converting/adding other port networks as IP-bearer connected.

Note that a single system cannot consist of both a CSS and an ATM-PNC. Mixed PNC support includes the following configurations:

ATM-PNC and IP Connect

CSS and IP Connect

Direct Connect EI and IP Connect

Each S87x0 Media Server series Multi-Connect system is configured in one of three reliability options: Duplex, High and Critical. Each S87x0 Media Server series IP-Connect system is configured in one of the two reliability options: Duplex, and High.

With CM 3.0 and the introduction of Mixed-PNC, mixed reliabilities are allowed to co-exist such that a customer’s main location that is a critically duplicated system can co-exist with a remote location consisting of simplex IP control and bearer connected port network. For example, a remote non-duplicated IP port network (single IPSI, single MedPro) may be added to a Critically Reliable CSS configuration. See the examples in figure 2 & 3 below.

AVAYA - PROPRIETARYrolmedo Page 2 04/09/2023

Figure 2. Merge Remote IP PNC System into Main

Figure 3. Adding a Remote Port Network

Note that within a Mixed-PNC environment, there can only be one CSS. That is, one center stage switch with up to three (3) switch nodes. Customers with more than one CSS system who wish to combine them will need to designate only one as the main CSS. The remaining servers may be used/converted to Enterprise Survivable Servers (ESS).

AVAYA - PROPRIETARYrolmedo Page 3 04/09/2023

2.0 Control Network Architecture

The Control Network is the network that carries control messages between the S87x0 servers and the IP Server Interface (IPSI) Boards (TN2312). In a High or Critical Reliability system, the Control Network is duplicated – providing redundant Control Network A and Control Network B configurations. Pre- CM 2.0 had isolated “private control” networks, and had non-IP paths (i.e. fiber) for the bearer (voice) traffic between networks. With the introduction of “Control Networks on Customer LAN” or CNOCL we now have the possibility of control signaling traffic between the S87x0 Media Server series call controller and the IP Server Interface board(s) (IPSI), which reside(s) in the Port network now sharing resources with other data network processes and activities (i.e. computer data traffic). Implementing a Control Network on customer LAN also allowed for WAN remoted IPSI Port Networks.

CNOCL introduces several new problems with were not present previously with private control networks and requires best practices network engineering and design to provide a highly reliable link between the servers and the port networks.

Best Practices – Network Engineeringo Network tolerances: Minimize Jitter, delay, & packet loss. For all VOIP

installations, Avaya recommends the following network requirements: Average packet loss less than 1% One-way packet delay less than 80 msec Less than 20 msec of packet jitter (RFC 1889)

o Implement VLANs/subnets to separate voice and datao Implement a network QOS strategy (QOS Checklist)o Design sufficient bandwidth for control & bearer traffic (ESS & Signaling)

Best Practices - WAN remoted IPSIs o Minimize short, intermittent outages < 3 seco Minimize route flapso Plan a strategy for prolonged outages

Back-up Servers (ESS) Redundant Links

Remember that if the active IPSI connection is lost for more than three (3) seconds, the system will attempt to migrate the links to another connection and result in a port network outage. This can be either another IPSI in the same PN as in the case of duplicated IPSIs, or the links can be routed from the EI board through the center stage switch (or ATM switch) to an IPSI in another PN, which will cause a PN warm reset.

An interchange between IPSIs will be transparent to the user. It will take approximately 2 seconds to move links from an IPSI to an EI. These links will reach the Call Server through another IPSI in the system. IPSIs that are in fiber connected PNs and will be chosen preferentially. They will be load balanced up to five PNs per IPSI. The DS1-Converter (DS1C, TN1654) connected PNs with IPSIs can handle two PNs and will be used after all IPSIs in fiber Connected PNs are loaded with their maximum. There is no way to steer the links in a system to a known state. The assignment is dynamic at boot time.

AVAYA - PROPRIETARYrolmedo Page 4 04/09/2023

When links are transitioned to an EI, the PN will be “warm” started. The warm reset of the PNs also causes CLAN links to teardown and re-establish. Even though this behavior assures that active calls will stay up, it might cause loss of data for transient calls (in the process of set-up or tear-down), missed lamp updates, and critically re-registration of IP-phones. The result is that even a very “short” data network outage (three seconds or more) can cause links to migrate to EI connections.

2.1 Best Practices

Although there are many choices for control network architecture, this job aid will address only the most common configurations (refer to Appendix A for other configurations).

The following sections illustrate common methods for establishing the control connection between S87x0 servers and IPSI-connected Port Networks. They identify advantages and disadvantages of each, so customers can select the appropriate solution for their environment.

3.0 Main Site Private Control Network A & B with Remote PNs on Public LAN

Figure 4. Private Control Network A & B with Remote PN

This example shows the connection of a local private control networks using the customers existing public enterprise network and redundant WAN links to provide connectivity to a remote site with a IPSI controlled gateway and a 8500 ESS server. The Local Control networks are

AVAYA - PROPRIETARYrolmedo Page 5 04/09/2023

designated as private in this case because the IP addressing of these control networks will not be routable through the Enterprise network. The control network at the remote site is designated as public because it is fully routable through the Customers Enterprise network. The Control connection from the S87x0 to the remote IPSI is established through the “Public” or the third interface connected to the customers public Enterprise space (Eth4). This configuration is particularly appropriate for large main sites which require a fully redundant architecture, with smaller remote sites that do not require the same level of redundancy.

This design provides for total protection of the local control networks from any enterprise network failures. But the remote site may be affected by enterprise network issues. Configuration is simplified, because the default route of the “CNC” interface (Eth4) will allow the CNC interface to communicate across the enterprise routed network infrastructure, without requiring static routes. It must be noted that in using this design, it is NOT possible for the ESS to take control of the primary site PNs, since there is no IP path.

Advantages: The dedicated Control network provides total isolation from outages in the Customer network, so all Local TDM communication can remain active during total Enterprise network failure. There are no static routes to maintain.

Disadvantages: The Remote site can be affected by Public Enterprise Network issues. The Remote ESS server cannot Control the port networks at the S8700 controlled location.

4.0 Multi-Site CONCL using merged customer and control network.

Figure 5. Merged customer and control network

AVAYA - PROPRIETARYrolmedo Page 6 04/09/2023

This example shows the connection of the two private control networks to the customers Enterprise network through Eth0 making them public. They are designated public in this case because the IP addressing of these control networks must be routable through the Enterprise network. This design is a common ESS strategy because it allows the remote site to gain control of the primary sites port networks. But it opens the control networks to all network issues experienced in the enterprise. Firewalls or strong access lists should be used to protect each sites control network, but inter-site connectivity cannot truly be protected. The use of the third interface (Eth4) connecting to the customer infrastructure for management is no longer necessary, and can be collapsed on the one of the other two networks (Eth0 or Eth3). Reliability can be improved by maintaining dedicated layer 2 switches for the local control network at each location. Static routes are not required when Control Network functionality is combined with “Corporate LAN” functionality on the same physical interface. This is because the Maintenance Web allows the user to specify a “default gateway” for this interface, and hence the user does not need to specify any static routes.

Advantages: Provides a control point to limit traffic allowed on the control network. Uses the customers, existing network infrastructure.

Disadvantages: This will not allow TDM connections to continue during most network failures. Static routing is required on both Main and ESS servers, and may become complex depending on the network architecture. Changes in network architecture will have to be synchronized with changes in the static route, and will be service affecting.

5.0 Multi-Site Critical Reliability using extended private networks

AVAYA - PROPRIETARYrolmedo Page 7 04/09/2023

Figure 6. Multi-Site Reliability with extended Private Control NetworkThis example shows the connection of the two private control networks using a dedicated routed infrastructure. They are designated private in this case because the IP addressing of these control networks will not be routable through the Enterprise network. This design provides for total protection of the control networks from any enterprise network failures, and allows remote site control of the primary sites PNs. In general, static routes and their gateways need to be specified for IPSIs that are not on the same subnet as their Control Network interface on the Media servers. With proper architecture, the static routing for CNA and CNB can use a single summary route.

Example: route 192.168.0.0 255.255.128.0 CNAroute 192.168.128.0 255.255.128.0 CNB

Note of Caution: Whenever possible, Avaya recommends forgoing the configuration of static routes on the S8700 server. The use of static routes in a dynamically changing environment or the use of mis-administered static routes will provide inconsistent connectivity.

Advantages: The dedicated Control network provides total isolation from outages in the Customer network, so all TDM communication can remain active during total Enterprise network failure. The use of simple summary routes instead of possibly complex static routing provides for a more reliable system. The synchronization of network changes with Communication Manger can be logistically difficult.

Disadvantages: Requires a dedicated infrastructure.

AVAYA - PROPRIETARYrolmedo Page 8 04/09/2023

AVAYA - PROPRIETARYrolmedo Page 9 04/09/2023

6.0 Appendix A: Sample Configurations

Figure A.1

AVAYA - PROPRIETARYrolmedo Page 10 04/09/2023

Figure A.2

Figure A.3

Figure A.4

AVAYA - PROPRIETARYrolmedo Page 11 04/09/2023

Figure A.5

7.0 References

1. Avaya Communication Manager 3.0, Control Network architectural options for resiliency, Tobey Shipley, COMPASS ID: 109928

2. Best Practices: ESS and Signaling, Timothy Kaye, Copilot Presentation , March 2006

AVAYA - PROPRIETARYrolmedo Page 12 04/09/2023